Vulnerabilites related to sap - netweaver_application_server_java
Vulnerability from fkie_nvd
Published
2022-12-12 22:15
Modified
2024-11-21 07:22
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Due to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) - version 7.50, allows an unauthenticated attacker to inject a script into a web request header. On successful exploitation, an attacker can view or modify information causing a limited impact on the confidentiality and integrity of the application.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3262544 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3262544 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Due to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) - version 7.50, allows an unauthenticated attacker to inject a script into a web request header. On successful exploitation, an attacker can view or modify information causing a limited impact on the confidentiality and integrity of the application.\n", }, { lang: "es", value: "Debido a una validación de entrada insuficiente, SAP NetWeaver AS Java (HTTP Provider Service), versión 7.50, permite a un atacante no autenticado inyectar un script en un encabezado de solicitud web. Si la explotación tiene éxito, un atacante puede ver o modificar información causando un impacto limitado en la confidencialidad e integridad de la aplicación.", }, ], id: "CVE-2022-41262", lastModified: "2024-11-21T07:22:56.287", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-12T22:15:10.340", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/3262544", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/3262544", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "cna@sap.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-10 17:47
Modified
2024-11-21 06:53
Severity ?
Summary
Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) - version 7.50, allows an attacker to access information which could lead to information gathering for further exploits and attacks.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10 | Vendor Advisory | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3132360 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3132360 | Permissions Required, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) - version 7.50, allows an attacker to access information which could lead to information gathering for further exploits and attacks.", }, { lang: "es", value: "Bajo determinadas condiciones, SAP NetWeaver (Real Time Messaging Framework) - versión 7.50, permite a un atacante acceder a información que podría conllevar a una recopilación de información para otras explotaciones y ataques", }, ], id: "CVE-2022-26103", lastModified: "2024-11-21T06:53:26.120", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-10T17:47:31.000", references: [ { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10", }, { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/3132360", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/3132360", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "cna@sap.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-11-13 22:15
Modified
2024-11-21 04:16
Severity ?
Summary
Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2835226 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2835226 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted.", }, { lang: "es", value: "Bajo determinadas condiciones, SAP NetWeaver AS Java (corregido en versiones 7.10, 7.20, 7.30, 7.31, 7.40, 7.50), permite a un atacante acceder a información que de otro modo estaría restringida.", }, ], id: "CVE-2019-0391", lastModified: "2024-11-21T04:16:47.337", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-13T22:15:11.773", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2835226", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2835226", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-13 10:59
Modified
2025-04-12 10:46
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a "Detour" attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | * |
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "SAP NetWeaver Remote Code Execution Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*", matchCriteriaId: "8A2EBD07-4989-4F26-A3B4-D5D2070B6998", versionEndIncluding: "7.30", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a \"Detour\" attack.", }, { lang: "es", value: "El Invoker Servlet sobre plataformas SAP NetWeaver Application Server Java, posiblemente en versiones anteriores a 7.3, no requiere autenticación, loq ue permite a atacantes remotos ejecutar código arbitrario a través de una petición HTTP o HTTPS, según se ha explotado activamente desde 2013 hasta 2016, también conocido como un ataque \"Detour\".", }, ], id: "CVE-2010-5326", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2016-05-13T10:59:00.173", references: [ { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "http://service.sap.com/sap/support/notes/1445998", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/48925", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/90533", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/ncas/alerts/TA16-132A", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "http://service.sap.com/sap/support/notes/1445998", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/48925", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/90533", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/ncas/alerts/TA16-132A", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-13 02:15
Modified
2025-02-11 05:15
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
Summary
The User Admin application of SAP NetWeaver AS for Java - version 7.50, insufficiently validates and improperly encodes the incoming URL parameters before including them into the redirect URL. This results in Cross-Site Scripting (XSS) vulnerability, leading to a high impact on confidentiality and mild impact on integrity and availability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The User Admin application of SAP NetWeaver AS for Java - version 7.50, insufficiently validates and improperly encodes the incoming URL parameters before including them into the redirect URL. This results in Cross-Site Scripting (XSS) vulnerability, leading to a high impact on confidentiality and mild impact on integrity and availability.", }, { lang: "es", value: "La aplicación User Admin de SAP NetWeaver AS para Java, versión 7.50, no valida lo suficiente y codifica incorrectamente los parámetros de la URL entrante antes de incluirlos en la URL de redireccionamiento. Esto da como resultado una vulnerabilidad de Cross-Site Scripting (XSS), lo que genera un alto impacto en la confidencialidad y un impacto leve en la integridad y la disponibilidad.", }, ], id: "CVE-2024-22126", lastModified: "2025-02-11T05:15:13.300", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "cna@sap.com", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.3, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2024-02-13T02:15:08.107", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3417627", }, { source: "cna@sap.com", url: "https://me.sap.com/notes/3557138", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3417627", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "cna@sap.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-14 13:15
Modified
2024-11-21 05:35
Severity ?
Summary
The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2934135 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2934135 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal.", }, { lang: "es", value: "La comprobación insuficiente de la ruta de entrada de determinados parámetros en el servicio web de SAP NetWeaver AS JAVA (LM Configuration Wizard), versiones 7.30, 7.31, 7.40, 7.50, permite a un atacante no autenticado explotar un método para descargar archivos zip hacia un directorio específico, conllevando a un Salto de Ruta", }, ], id: "CVE-2020-6286", lastModified: "2024-11-21T05:35:26.367", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-14T13:15:12.923", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2934135", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2934135", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-09-10 17:15
Modified
2024-11-21 04:16
Severity ?
Summary
SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (before versions 6.40, 7.0, 7.01), allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2798336 | Permissions Required, Third Party Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2798336 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (before versions 6.40, 7.0, 7.01), allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.", }, { lang: "es", value: "SAP NetWeaver Application Server Java Web Container, ENGINEAPI (versiones anteriores a 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) y SAP-JEECOR (versiones anteriores a 6.40, 7.0, 7.01), permiten a un atacante inyectar código que puede ser ejecutado por la aplicación. Un atacante podría de este modo controlar el comportamiento de la aplicación.", }, ], id: "CVE-2019-0355", lastModified: "2024-11-21T04:16:44.123", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-09-10T17:15:10.923", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Third Party Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2798336", }, { source: "cna@sap.com", tags: [ "Third Party Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Third Party Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2798336", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-12 20:15
Modified
2024-11-21 05:35
Severity ?
Summary
Certain vulnerable endpoints in SAP NetWeaver AS Java (Heap Dump Application), versions 7.30, 7.31, 7.40, 7.50, provide valuable information about the system like hostname, server node and installation path that could be misused by an attacker leading to Information Disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2838835 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2838835 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain vulnerable endpoints in SAP NetWeaver AS Java (Heap Dump Application), versions 7.30, 7.31, 7.40, 7.50, provide valuable information about the system like hostname, server node and installation path that could be misused by an attacker leading to Information Disclosure.", }, { lang: "es", value: "Determinados endpoints vulnerables en SAP NetWeaver AS Java (Heap Dump Application), versiones 7.30, 7.31, 7.40, 7.50, proporcionan información valiosa sobre el sistema tal y como el nombre de host, el nodo del servidor y la ruta de instalación que podría ser usada inapropiadamente por parte de un atacante, conllevando a una Divulgación de Información.", }, ], id: "CVE-2020-6190", lastModified: "2024-11-21T05:35:16.093", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-12T20:15:14.620", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2838835", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2838835", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-13 19:15
Modified
2024-11-21 05:48
Severity ?
Summary
An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the attacker to gain NTLM hashes of a privileged user.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3001824 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3001824 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the attacker to gain NTLM hashes of a privileged user.", }, { lang: "es", value: "Un atacante no autorizado puede ser capaz de atraer a un administrador para que invoque comandos telnet de SAP NetWeaver Application Server para Java que permitan al atacante obtener hashes NTLM de un usuario privilegiado", }, ], id: "CVE-2021-21485", lastModified: "2024-11-21T05:48:28.093", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 4, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-13T19:15:13.990", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3001824", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3001824", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-07 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, pressing "Add users", and doing a search, aka SAP Security Note 2255990.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*", matchCriteriaId: "70F75AAE-5A52-4B9A-B8E8-8E1BE573B21D", versionEndIncluding: "7.50", versionStartIncluding: "7.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, pressing \"Add users\", and doing a search, aka SAP Security Note 2255990.", }, { lang: "es", value: "La característica de chat en los servicios Real-Time Collaboration (RTC) 7.3 y 7.4 en SAP NetWeaver Java AS 7.1 hasta la versión 7.5 permite a atacantes remotos obtener información sensible de usuario visitando webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, presionando \"Add users\" y haciendo una búsqueda, también conocido como SAP Security Note 2255990.", }, ], id: "CVE-2016-3973", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-07T19:59:04.377", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137579/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2016/Jun/46", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-16-016-sap-netweaver-7-4-information-disclosure-wd_chat/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137579/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2016/Jun/46", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-16-016-sap-netweaver-7-4-information-disclosure-wd_chat/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-14 13:15
Modified
2024-11-21 05:35
Severity ?
Summary
SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2896025 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2896025 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability.", }, { lang: "es", value: "SAP NetWeaver AS JAVA (servicio IIOP) (SERVERCORE), versiones 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, y SAP NetWeaver AS JAVA (servicio IIOP) (CORE-TOOLS), versiones 7.10, 7.11, 7.20, 7.30 , 7.31, 7.40, 7.50, permite a un atacante enviar una petición diseñada desde una aplicación web vulnerable. Normalmente es usada para apuntar a sistemas internos detrás de los firewalls que normalmente son inaccesibles a un atacante desde la red externa, resultando en una vulnerabilidad de tipo Server-Side Request Forgery", }, ], id: "CVE-2020-6282", lastModified: "2024-11-21T05:35:25.907", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-14T13:15:12.750", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2896025", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2896025", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-11-10 17:15
Modified
2024-11-21 05:20
Severity ?
Summary
SAP NetWeaver AS JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker who is authenticated as an administrator to use the administrator console, to expose unauthenticated access to the file system and upload a malicious file. The attacker or another user can then use a separate mechanism to execute OS commands through the uploaded file leading to Privilege Escalation and completely compromise the confidentiality, integrity and availability of the server operating system and any application running on it.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://packetstormsecurity.com/files/162086/SAP-Java-OS-Remote-Code-Execution.html | Third Party Advisory, VDB Entry | |
| cna@sap.com | http://seclists.org/fulldisclosure/2021/Apr/7 | Mailing List, Third Party Advisory | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2979062 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/162086/SAP-Java-OS-Remote-Code-Execution.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2021/Apr/7 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2979062 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker who is authenticated as an administrator to use the administrator console, to expose unauthenticated access to the file system and upload a malicious file. The attacker or another user can then use a separate mechanism to execute OS commands through the uploaded file leading to Privilege Escalation and completely compromise the confidentiality, integrity and availability of the server operating system and any application running on it.", }, { lang: "es", value: "SAP NetWeaver AS JAVA, versiones - 7.20, 7.30, 7.31, 7.40, 7.50, permite a un atacante que es autenticado como administrador usar la consola de administrador, exponer el acceso no autenticado al sistema de archivos y cargar un archivo malicioso. El atacante u otro usuario pueden usar un mecanismo separado para ejecutar los comandos del Sistema Operativo por medio del archivo cargado conllevando a una Escalada de Privilegios y comprometer completamente la confidencialidad, integridad y disponibilidad del sistema operativo del servidor y cualquier aplicación que se ejecute en él", }, ], id: "CVE-2020-26820", lastModified: "2024-11-21T05:20:20.540", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.3, impactScore: 6, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-11-10T17:15:14.173", references: [ { source: "cna@sap.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/162086/SAP-Java-OS-Remote-Code-Execution.html", }, { source: "cna@sap.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/Apr/7", }, { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2979062", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/162086/SAP-Java-OS-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/Apr/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2979062", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-434", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-25 18:29
Modified
2025-04-20 01:37
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, aka SAP Security Note 2406783.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/97566 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://erpscan.io/advisories/erpscan-17-017-sap-netweaver-java-7-3-java-xss-ctcprotocolprotocol-servlet/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97566 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://erpscan.io/advisories/erpscan-17-017-sap-netweaver-java-7-3-java-xss-ctcprotocolprotocol-servlet/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.30 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, aka SAP Security Note 2406783.", }, { lang: "es", value: "La vulnerabilidad de tipo cross-site-scripting (XSS) en el servlet ctcprotocol/Protocol en SAP NetWeaver AS JAVA versión 7.3 permite a los atacantes remotos inyectar scripts web arbitrarios o HTML por medio del parámetro sessionID, también se conoce como Nota de Seguridad de SAP 2406783.", }, ], id: "CVE-2017-11458", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-25T18:29:01.133", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97566", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-17-017-sap-netweaver-java-7-3-java-xss-ctcprotocolprotocol-servlet/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97566", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-17-017-sap-netweaver-java-7-3-java-xss-ctcprotocolprotocol-servlet/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-02-16 15:59
Modified
2025-04-12 10:46
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | * |
{ cisaActionDue: "2022-06-30", cisaExploitAdd: "2022-06-09", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "SAP NetWeaver Information Disclosure Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*", matchCriteriaId: "70F75AAE-5A52-4B9A-B8E8-8E1BE573B21D", versionEndIncluding: "7.50", versionStartIncluding: "7.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.", }, { lang: "es", value: "El Universal Worklist Configuration en SAP NetWeaver AS JAVA 7.4 permite a los atacantes remotos obtener información sensible de los usuarios a través de una solicitud HTTP manipulada, también conocida como SAP Security Note 2256846", }, ], id: "CVE-2016-2388", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2016-02-16T15:59:02.103", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137128/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/145860/SAP-NetWeaver-J2EE-Engine-7.40-SQL-Injection.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2016/May/55", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "Broken Link", ], url: "https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "Broken Link", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39841/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/43495/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137128/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/145860/SAP-NetWeaver-J2EE-Engine-7.40-SQL-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2016/May/55", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "Broken Link", ], url: "https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "Broken Link", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39841/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/43495/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-200", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-14 05:15
Modified
2024-11-21 07:48
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
SAP NetWeaver Application Server Java for Classload Service - version 7.50, does not perform any authentication checks for functionalities that require user identity, resulting in escalation of privileges. This failure has a low impact on confidentiality of the data such that an unassigned user can read non-sensitive server data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server Java for Classload Service - version 7.50, does not perform any authentication checks for functionalities that require user identity, resulting in escalation of privileges. This failure has a low impact on confidentiality of the data such that an unassigned user can read non-sensitive server data.\n\n", }, ], id: "CVE-2023-24526", lastModified: "2024-11-21T07:48:03.420", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-14T05:15:29.347", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3288394", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3288394", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "cna@sap.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-10-10 02:15
Modified
2024-11-21 08:22
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an attacker to send a crafted request from a vulnerable web application, causing limited impact on confidentiality and integrity of the application.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3333426 | Permissions Required | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3333426 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an attacker to send a crafted request from a vulnerable web application, causing limited impact on confidentiality and integrity of the application.\n\n", }, { lang: "es", value: "SAP NetWeaver AS Java (aplicación GRMG Heartbeat): versión 7.50, permite a un atacante enviar una solicitud manipulada desde una aplicación web vulnerable, lo que provoca un impacto limitado en la confidencialidad y la integridad de la aplicación.", }, ], id: "CVE-2023-42477", lastModified: "2024-11-21T08:22:38.047", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-10-10T02:15:11.103", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3333426", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3333426", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "cna@sap.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-12 14:15
Modified
2024-11-21 05:35
Severity ?
Summary
SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2941315 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2941315 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.", }, { lang: "es", value: "SAP NetWeaver AS JAVA, versiones - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), no lleva a cabo ninguna comprobación de autenticación para un servicio web permitiendo al atacante enviar varias cargas útiles y conllevando a una denegación total del servicio", }, ], id: "CVE-2020-6309", lastModified: "2024-11-21T05:35:28.910", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-12T14:15:14.690", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2941315", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2941315", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-10 15:15
Modified
2024-11-21 05:48
Severity ?
Summary
SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2976947 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2976947 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.00 | |
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.00:*:*:*:*:*:*:*", matchCriteriaId: "E54400D5-E5A3-4EE7-B4DC-9D44C9C5278E", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.", }, { lang: "es", value: "SAP Netweaver Application Server Java (Aplicaciones basadas en WebDynpro Java) versiones 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, permiten a un atacante redireccionar a usuarios a un sitio malicioso debido a vulnerabilidades de Reverse Tabnabbing", }, ], id: "CVE-2021-21491", lastModified: "2024-11-21T05:48:28.823", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-10T15:15:12.820", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2976947", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2976947", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-601", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-10 13:15
Modified
2024-11-21 05:35
Severity ?
Summary
Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol, versions (SAP-JEECOR 7.00, 7.01; SERVERCOR 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; CORE-TOOLS 7.00, 7.01, 7.02, 7.05, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50) do not perform any authentication checks for operations that require user identity leading to Authentication Bypass.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2878568 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2878568 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.00 | |
| sap | netweaver_application_server_java | 7.01 | |
| sap | netweaver_application_server_java | 7.02 | |
| sap | netweaver_application_server_java | 7.05 | |
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.00:*:*:*:*:*:*:*", matchCriteriaId: "E54400D5-E5A3-4EE7-B4DC-9D44C9C5278E", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.01:*:*:*:*:*:*:*", matchCriteriaId: "21C04FCB-9D92-4A7F-85C1-D0E9F57AB5CC", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.02:*:*:*:*:*:*:*", matchCriteriaId: "2BE070A1-CE51-406E-B420-AD535EE06179", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.05:*:*:*:*:*:*:*", matchCriteriaId: "6DFAEAAD-1A54-44FC-88F9-729793057B81", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol, versions (SAP-JEECOR 7.00, 7.01; SERVERCOR 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; CORE-TOOLS 7.00, 7.01, 7.02, 7.05, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50) do not perform any authentication checks for operations that require user identity leading to Authentication Bypass.", }, { lang: "es", value: "Los clientes dedicados que se conectan a SAP NetWeaver AS Java por medio del protocolo P4, versiones (SAP-JEECOR 7.00, 7.01; SERVERCOR 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; CORE-TOOLS 7.00, 7.01, 7.02, 7.05, 7.10, 7.11 , 7.20, 7.30, 7.31, 7.40, 7.50), no realiza ninguna comprobación de autenticación para las operaciones que requieren identidad del usuario conllevando a una Omisión de Autenticación", }, ], id: "CVE-2020-6263", lastModified: "2024-11-21T05:35:24.120", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.7, impactScore: 4.7, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-10T13:15:18.010", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2878568", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2878568", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-03-12 01:15
Modified
2025-02-07 17:25
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload potentially dangerous files which leads to command injection vulnerability. This would enable the attacker to run commands which can cause high impact on confidentiality, integrity and availability of the application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.5:*:*:*:*:*:*:*", matchCriteriaId: "CFF5713B-C0C4-4062-BC6F-0BBD1E6FF620", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload potentially dangerous files which leads to command injection vulnerability. This would enable the attacker to run commands which can cause high impact on confidentiality, integrity and availability of the application.", }, { lang: "es", value: "SAP NetWeaver Administrator AS Java (complemento Administrator Log Viewer): versión 7.50, permite a un atacante con altos privilegios cargar archivos potencialmente peligrosos, lo que conduce a una vulnerabilidad de inyección de comandos. Esto permitiría al atacante ejecutar comandos que pueden causar un gran impacto en la confidencialidad, integridad y disponibilidad de la aplicación.", }, ], id: "CVE-2024-22127", lastModified: "2025-02-07T17:25:17.913", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-03-12T01:15:49.060", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3433192", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3433192", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "cna@sap.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-07-10 20:15
Modified
2024-11-21 04:16
Severity ?
Summary
SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/109071 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2777910 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/109071 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2777910 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.", }, { lang: "es", value: "SAP NetWeaver para Java Application Server - Web Container, (engineapi, versiones 7.1, 7.2, 7.3, 7.31, 7.4 y 7.5), (servercode, versiones 7.2, 7.3, 7.31, 7.4, 7.5), permiten a un atacante cargar archivos (incluyendo archivos de script) sin la comprobación apropiada del formato del archivo.", }, ], id: "CVE-2019-0327", lastModified: "2024-11-21T04:16:41.290", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-07-10T20:15:12.060", references: [ { source: "cna@sap.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/109071", }, { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2777910", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/109071", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2777910", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-434", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-11 22:29
Modified
2024-11-21 04:03
Severity ?
Summary
SAP NetWeaver AS Java Web Container service does not validate against whitelist the HTTP host header which can result in HTTP Host Header Manipulation or Cross-Site Scripting (XSS) vulnerability. This is fixed in versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/106150 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2718993 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106150 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2718993 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS Java Web Container service does not validate against whitelist the HTTP host header which can result in HTTP Host Header Manipulation or Cross-Site Scripting (XSS) vulnerability. This is fixed in versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50.", }, { lang: "es", value: "El servicio Java Web Container, de SAP NetWeaver AS, no valida contra una lista blanca la cabecera HTTP del host, lo que puede resultar en una vulnerabilidad de manipulación de la cabecera HTTP del host o de Cross-Site Scripting (XSS). La vulnerabilidad se ha solucionado en las versiones 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 y 7.50.", }, ], id: "CVE-2018-2504", lastModified: "2024-11-21T04:03:55.793", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-11T22:29:00.640", references: [ { source: "cna@sap.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106150", }, { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2718993", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106150", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2718993", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-13 03:15
Modified
2024-11-21 08:59
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
SAP NetWeaver AS Java (CAF - Guided Procedures) - version 7.50, allows an unauthenticated attacker to submit a malicious request with a crafted XML file over the network, which when parsed will enable him to access sensitive files and data but not modify them. There are expansion limits in place so that availability is not affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3426111 | Permissions Required | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3426111 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS Java (CAF - Guided Procedures) - version 7.50, allows an unauthenticated attacker to submit a malicious request with a crafted XML file over the network, which when parsed will enable him to access sensitive files and data but not modify them. There are expansion limits in place so that availability is not affected.\n\n", }, { lang: "es", value: "SAP NetWeaver AS Java (CAF - Procedimientos guiados): versión 7.50, permite a un atacante no autenticado enviar una solicitud maliciosa con un archivo XML manipulado a través de la red, que cuando se analiza le permitirá acceder a archivos y datos confidenciales, pero no modificarlos. Existen límites de expansión establecidos para que la disponibilidad no se vea afectada.", }, ], id: "CVE-2024-24743", lastModified: "2024-11-21T08:59:36.497", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-13T03:15:09.393", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3426111", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3426111", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-611", }, ], source: "cna@sap.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-07 23:59
Modified
2025-04-12 10:46
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | * |
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "SAP NetWeaver Directory Traversal Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*", matchCriteriaId: "70F75AAE-5A52-4B9A-B8E8-8E1BE573B21D", versionEndIncluding: "7.50", versionStartIncluding: "7.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971.", }, { lang: "es", value: "Vulnerabilidad de salto de directorio en SAP NetWeaver AS Java 7.1 hasta la versión 7.5 permite a atacantes remotos leer archivos arbitrarios a través de ..\\ (punto punto barra invertida) en el parámetro fileName para CrashFileDownloadServlet, también conocida como SAP Security Note 2234971.", }, ], id: "CVE-2016-3976", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2016-04-07T23:59:10.797", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137528/SAP-NetWeaver-AS-JAVA-7.5-Directory-Traversal.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2016/Jun/40", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-16-012/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2234971", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39996/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137528/SAP-NetWeaver-AS-JAVA-7.5-Directory-Traversal.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2016/Jun/40", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-16-012/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2234971", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39996/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-08 00:59
Modified
2025-04-12 10:46
Severity ?
Summary
The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp, or (3) webcontent/aas/aas_store.jsp, aka SAP Security Note 1945215.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:-:*:*:*:*:*:*:*", matchCriteriaId: "186A8050-2B2A-4178-A0AA-4AB91196B707", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp, or (3) webcontent/aas/aas_store.jsp, aka SAP Security Note 1945215.", }, { lang: "es", value: "El XML Data Archiving Service (XML DAS) en SAP NetWeaver AS Java no comprueba la autorización, lo que permite a usuarios remotos autenticados obtener información sensible, obtener privilegios o posiblemente tener otro impacto no especificado a través de peticiones (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp o (3) webcontent/aas/aas_store.jsp, también conocido como SAP Security Note 1945215.", }, ], id: "CVE-2015-8840", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-08T00:59:00.120", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://scn.sap.com/community/security/blog/2015/07/15/sap-security-notes-july-2015", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-15-017-sap-netweaver-j2ee-das-service-unauthorized-access/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://scn.sap.com/community/security/blog/2015/07/15/sap-security-notes-july-2015", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-15-017-sap-netweaver-j2ee-das-service-unauthorized-access/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:46
Severity ?
Summary
Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3123427 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3123427 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.22 | |
| sap | netweaver_application_server_java | 7.49 | |
| sap | netweaver_application_server_java | 7.53 | |
| sap | netweaver_application_server_java | krnl64nuc_7.22 | |
| sap | netweaver_application_server_java | krnl64nuc_7.22ext | |
| sap | netweaver_application_server_java | krnl64nuc_7.49 | |
| sap | netweaver_application_server_java | krnl64uc_7.22 | |
| sap | netweaver_application_server_java | krnl64uc_7.22ext | |
| sap | netweaver_application_server_java | krnl64uc_7.49 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.22:*:*:*:*:*:*:*", matchCriteriaId: "0C50443A-8C3D-46D3-8FF7-A4CFC2C0C184", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.49:*:*:*:*:*:*:*", matchCriteriaId: "CA667A93-ADC5-4B46-8CE0-6AC3535B0BC1", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.53:*:*:*:*:*:*:*", matchCriteriaId: "C31830DA-EA34-46F7-9CE5-4BFEAD7B19D2", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:krnl64nuc_7.22:*:*:*:*:*:*:*", matchCriteriaId: "9374DC36-C1F6-475B-9EED-052A50A73DA6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:krnl64nuc_7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "411B23E4-EE88-43EE-975D-BB2D306846F1", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:krnl64nuc_7.49:*:*:*:*:*:*:*", matchCriteriaId: "15DD63FA-A334-4CA9-AAF1-5F6B0DE78703", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:krnl64uc_7.22:*:*:*:*:*:*:*", matchCriteriaId: "B674D815-7910-46E6-B8D0-4819ED7B56A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:krnl64uc_7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "E860E042-5EBC-4AEA-9EFB-C1CF99EDEA96", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:krnl64uc_7.49:*:*:*:*:*:*:*", matchCriteriaId: "F050C2CF-C104-483A-A6B7-E6E67BFE68CF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.", }, { lang: "es", value: "Debido a un manejo inapropiado de errores en SAP NetWeaver Application Server Java - versiones KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, un atacante podría enviar múltiples peticiones al servidor HTTP que resulten en errores, de tal manera que consuma el buffer de memoria. Esto podría resultar en el cierre del sistema haciendo que el sistema no esté disponible", }, ], id: "CVE-2022-22533", lastModified: "2024-11-21T06:46:58.387", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-09T23:15:18.483", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/3123427", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/3123427", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "cna@sap.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-09-19 16:29
Modified
2025-04-20 01:37
Severity ?
Summary
The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://erpscan.io/advisories/erpscan-17-030-sap-hostcontrol-remote-dos/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://erpscan.io/advisories/erpscan-17-030-sap-hostcontrol-remote-dos/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*", matchCriteriaId: "BE4E8DEC-7C97-46AC-9780-2BA5462EC949", versionEndIncluding: "7.50", versionStartIncluding: "7.00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181.", }, { lang: "es", value: "El servicio web Host Control en SAP NetWeaver AS JAVA en sus versiones 7.0 a 7.5 permite que los atacantes remotos provoquen una denegación de servicio (cierre inesperado del servicio) mediante una petición manipulada. Esto también se conoce como SAP Security Note 2389181.", }, ], id: "CVE-2017-14581", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-09-19T16:29:00.403", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-17-030-sap-hostcontrol-remote-dos/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-17-030-sap-hostcontrol-remote-dos/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-14 12:15
Modified
2024-11-21 06:15
Severity ?
Summary
SAP NetWeaver Application Server Java (JMS Connector Service) - versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for user privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3078609 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3078609 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server Java (JMS Connector Service) - versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for user privileges.", }, { lang: "es", value: "SAP NetWeaver Application Server Java (JMS Connector Service) - versiones 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, no realiza las comprobaciones de autorización necesarias para los privilegios de los usuarios", }, ], id: "CVE-2021-37535", lastModified: "2024-11-21T06:15:19.843", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 6, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-14T12:15:10.333", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3078609", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3078609", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-09 17:15
Modified
2024-11-21 05:20
Severity ?
Summary
Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2974330 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2974330 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload.", }, { lang: "es", value: "Process Integration Monitoring de SAP NetWeaver AS JAVA, versiones 7.31, 7.40, 7.50, permite a un atacante cargar cualquier archivo (incluyendo los archivos de script) sin la comprobación apropiada del formato de archivo, conllevando a una Carga de Archivos Sin Restricciones", }, ], id: "CVE-2020-26826", lastModified: "2024-11-21T05:20:21.237", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-09T17:15:30.900", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2974330", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2974330", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-434", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-07 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~webservice~web/ServerNodesWSService, aka SAP Security Note 2235994.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*", matchCriteriaId: "70F75AAE-5A52-4B9A-B8E8-8E1BE573B21D", versionEndIncluding: "7.50", versionStartIncluding: "7.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~webservice~web/ServerNodesWSService, aka SAP Security Note 2235994.", }, { lang: "es", value: "Vulnerabilidad de XXE en Configuration Wizard en SAP NetWeaver Java AS 7.1 hasta la versión 7.5 permite a atacantes remotos provocar una denegación de servicio, llevar a cabo ataques SMB Relay o acceder a archivos arbitrarios a través de una petición XML manipulada para _tc~monitoring~webservice~web/ServerNodesWSService, también conocida como SAP Security Note 2235994.", }, ], id: "CVE-2016-3974", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-07T19:59:05.240", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137527/SAP-NetWeaver-AS-JAVA-7.5-XXE-Injection.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2016/Jun/41", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39995/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137527/SAP-NetWeaver-AS-JAVA-7.5-XXE-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2016/Jun/41", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39995/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-611", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-14 13:15
Modified
2025-03-13 17:28
Severity ?
Summary
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "SAP NetWeaver Missing Authentication for Critical Function Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.", }, { lang: "es", value: "SAP NetWeaver AS JAVA (LM Configuration Wizard), versiones 7.30, 7.31, 7.40, 7.50, no lleva a cabo una comprobación de autenticación que permite a un atacante sin autenticación previa ejecutar tareas de configuración para llevar a cabo acciones críticas contra el sistema SAP Java, incluyendo la capacidad para crear un usuario administrativo y, por lo tanto, comprometiendo la Confidencialidad, Integridad y la Disponibilidad del sistema, conllevando a una Falta de Comprobación de Autenticación", }, ], id: "CVE-2020-6287", lastModified: "2025-03-13T17:28:24.450", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 6, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-14T13:15:13.000", references: [ { source: "cna@sap.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/162085/SAP-JAVA-Configuration-Task-Execution.html", }, { source: "cna@sap.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/Apr/6", }, { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2934135", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { source: "cna@sap.com", tags: [ "Third Party Advisory", ], url: "https://www.onapsis.com/recon-sap-cyber-security-vulnerability", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/162085/SAP-JAVA-Configuration-Task-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/Apr/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2934135", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.onapsis.com/recon-sap-cyber-security-vulnerability", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-07-10 19:15
Modified
2024-11-21 04:16
Severity ?
Summary
Under certain conditions SAP NetWeaver Application Server for Java (Startup Framework), versions 7.21, 7.22, 7.45, 7.49, and 7.53, allows an attacker to access information which would otherwise be restricted.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/109069 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2738791 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/109069 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2738791 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.21 | |
| sap | netweaver_application_server_java | 7.22 | |
| sap | netweaver_application_server_java | 7.45 | |
| sap | netweaver_application_server_java | 7.49 | |
| sap | netweaver_application_server_java | 7.53 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.21:*:*:*:*:*:*:*", matchCriteriaId: "852F9750-8F1A-4592-BE4B-7CBBDE42082E", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.22:*:*:*:*:*:*:*", matchCriteriaId: "0C50443A-8C3D-46D3-8FF7-A4CFC2C0C184", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.45:*:*:*:*:*:*:*", matchCriteriaId: "86DFF2A2-30BF-41D6-BDBB-AAF2E1750836", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.49:*:*:*:*:*:*:*", matchCriteriaId: "CA667A93-ADC5-4B46-8CE0-6AC3535B0BC1", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.53:*:*:*:*:*:*:*", matchCriteriaId: "C31830DA-EA34-46F7-9CE5-4BFEAD7B19D2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Under certain conditions SAP NetWeaver Application Server for Java (Startup Framework), versions 7.21, 7.22, 7.45, 7.49, and 7.53, allows an attacker to access information which would otherwise be restricted.", }, { lang: "es", value: "Bajo ciertas condiciones SAP NetWeaver Application Server para Java (Framework Startup), versiones 7.21, 7.22, 7.45, 7.49 y 7.53, permite a un atacante acceder a información que de otra manera estaría restringida.", }, ], id: "CVE-2019-0318", lastModified: "2024-11-21T04:16:40.580", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-07-10T19:15:10.143", references: [ { source: "cna@sap.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/109069", }, { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2738791", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/109069", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2738791", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-13 19:15
Modified
2024-11-21 05:48
Severity ?
Summary
SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate logon group in URLs, resulting in a content spoofing vulnerability when directory listing is enabled.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3025637 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3025637 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate logon group in URLs, resulting in a content spoofing vulnerability when directory listing is enabled.", }, { lang: "es", value: "SAP NetWeaver Application Server Java (HTTP Service), versiones - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, no comprueba suficientemente el grupo de inicio de sesión en las URL, resultando en una vulnerabilidad de suplantación de contenido cuando la lista de directorios está habilitada", }, ], id: "CVE-2021-21492", lastModified: "2024-11-21T05:48:28.940", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-13T19:15:14.053", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3025637", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3025637", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-290", }, ], source: "cna@sap.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-290", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-09 17:15
Modified
2024-11-21 05:20
Severity ?
Summary
SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal cluster communication. As result, an unauthenticated attacker can invoke certain functions that would otherwise be restricted to system administrators only, including access to system administration functions or shutting down the system completely.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://packetstormsecurity.com/files/163166/SAP-Netweaver-JAVA-7.50-Missing-Authorization.html | Third Party Advisory | |
| cna@sap.com | http://seclists.org/fulldisclosure/2021/Jun/33 | Mailing List, Third Party Advisory | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2974774 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/163166/SAP-Netweaver-JAVA-7.50-Missing-Authorization.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2021/Jun/33 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2974774 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal cluster communication. As result, an unauthenticated attacker can invoke certain functions that would otherwise be restricted to system administrators only, including access to system administration functions or shutting down the system completely.", }, { lang: "es", value: "SAP NetWeaver AS JAVA (P2P Cluster Communication), versiones - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, permite conexiones arbitrarias de procesos debido a una falta de comprobación de autenticación, que están fuera del clúster e incluso fuera del segmento de red dedicado para la comunicación interna del clúster. Como resultado, un atacante no autenticado puede invocar determinadas funciones que de otro modo estarían restringidas sólo a los administradores del sistema, incluyendo el acceso a las funciones de administración del sistema o apagando el sistema por completo", }, ], id: "CVE-2020-26829", lastModified: "2024-11-21T05:20:21.500", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 8.5, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 6, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-09T17:15:31.057", references: [ { source: "cna@sap.com", tags: [ "Third Party Advisory", ], url: "http://packetstormsecurity.com/files/163166/SAP-Netweaver-JAVA-7.50-Missing-Authorization.html", }, { source: "cna@sap.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/Jun/33", }, { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2974774", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://packetstormsecurity.com/files/163166/SAP-Netweaver-JAVA-7.50-Missing-Authorization.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/Jun/33", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2974774", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-11 15:29
Modified
2024-11-21 04:03
Severity ?
Summary
The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting (XSS) vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/105325 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2623846 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105325 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2623846 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting (XSS) vulnerability.", }, { lang: "es", value: "La aplicación de inicio de sesión de SAP NetWeaver AS Java desde la versión 7.10 hasta la 7.11, 7.20, 7.30, 7.31, 7.40 y 7.50, no cifra lo suficiente las entradas controladas por el usuario, lo que resulta en una vulnerabilidad de Cross-Site Scripting (XSS).", }, ], id: "CVE-2018-2452", lastModified: "2024-11-21T04:03:50.470", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-11T15:29:00.720", references: [ { source: "cna@sap.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105325", }, { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2623846", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105325", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2623846", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-15 03:15
Modified
2024-11-21 05:35
Severity ?
Summary
SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an unauthenticated remote attacker to redirect users to a malicious site due to insufficient reverse tabnabbing URL validation. The attacker could execute phishing attacks to steal credentials of the victim or to redirect users to untrusted web pages containing malware or similar malicious exploits.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2969828 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2969828 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an unauthenticated remote attacker to redirect users to a malicious site due to insufficient reverse tabnabbing URL validation. The attacker could execute phishing attacks to steal credentials of the victim or to redirect users to untrusted web pages containing malware or similar malicious exploits.", }, { lang: "es", value: "SAP NetWeaver AS Java, versiones - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, la página de inicio permite a un atacante remoto no autenticado redireccionar a usuarios hacia un sitio malicioso debido a una comprobación insuficiente de URL de tabnabbing inverso. El atacante podría ejecutar ataques de phishing para robar las credenciales de la víctima o para redireccionar a los usuarios hacia páginas web no confiables que contienen malware o explotaciones maliciosos similares", }, ], id: "CVE-2020-6365", lastModified: "2024-11-21T05:35:35.180", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-15T03:15:12.247", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2969828", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2969828", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-601", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-14 18:59
Modified
2025-04-20 01:37
Severity ?
Summary
SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/100168 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securityfocus.com/bid/95364 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://erpscan.io/advisories/erpscan-17-003-sap-netweaver-7-4-getuseruddielements-sql-injection/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100168 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95364 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://erpscan.io/advisories/erpscan-17-003-sap-netweaver-7-4-getuseruddielements-sql-injection/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.40 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504.", }, { lang: "es", value: "Vulnerabilidad de inyección de SQL en el método getUserUddiElements en el componente ES UDDI en SAP NetWeaver AS Java 7.4 permite a usuarios autenticados remotos ejecutar comandos SQL arbitrarios a través de vectores no especificados, también conocido como SAP Security Note 2356504.", }, ], id: "CVE-2017-7717", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-14T18:59:01.110", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/100168", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/95364", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-17-003-sap-netweaver-7-4-getuseruddielements-sql-injection/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/100168", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/95364", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-17-003-sap-netweaver-7-4-getuseruddielements-sql-injection/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-11 03:15
Modified
2024-11-21 09:05
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
SAP NetWeaver AS Java (CAF - Guided Procedures)
allows an unauthenticated user to access non-sensitive information about the
server which would otherwise be restricted causing low impact on
confidentiality of the application.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3425571 | Permissions Required | |
| cna@sap.com | https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3425571 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | gp-core_7.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:gp-core_7.5:*:*:*:*:*:*:*", matchCriteriaId: "A5F64B5B-8342-4F60-BB57-7CD0C77EA6B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS Java (CAF - Guided Procedures)\nallows an unauthenticated user to access non-sensitive information about the\nserver which would otherwise be restricted causing low impact on\nconfidentiality of the application.", }, { lang: "es", value: "SAP NetWeaver AS Java (CAF - Procedimientos guiados) permite que un usuario no autenticado acceda a información no confidencial sobre el servidor que de otro modo estaría restringida y causaría un bajo impacto en la confidencialidad de la aplicación.", }, ], id: "CVE-2024-28164", lastModified: "2024-11-21T09:05:56.460", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-11T03:15:09.953", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3425571", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3425571", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "cna@sap.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-12 22:29
Modified
2024-11-21 04:16
Severity ?
Summary
SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server (J2EE-APPS), versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50, does not sufficiently encode user-controlled inputs, which results in cross-site scripting (XSS) vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/107362 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2689925 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107362 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2689925 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | * | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*", matchCriteriaId: "229116DF-55FA-421A-951A-7C1813430DB4", versionEndIncluding: "7.11", versionStartIncluding: "7.10", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server (J2EE-APPS), versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50, does not sufficiently encode user-controlled inputs, which results in cross-site scripting (XSS) vulnerability.", }, { lang: "es", value: "SAML 1.1 SSO Demo Application en SAP NetWeaCVEr Java Application SerCVEr (J2EE-APPS), desde la CVErsión 7.10 hasta la 7.11 y en CVErsiones 7.20, 7.30, 7.31, 7.40 y 7.50, no codifica suficientemente las entradas controladas por el usuario, lo que resulta en una vulnerabilidad de Cross-Site Scripting (XSS).", }, ], id: "CVE-2019-0275", lastModified: "2024-11-21T04:16:37.147", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-12T22:29:00.597", references: [ { source: "cna@sap.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107362", }, { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2689925", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107362", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2689925", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-07 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, aka SAP Security Note 2238375.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*", matchCriteriaId: "70F75AAE-5A52-4B9A-B8E8-8E1BE573B21D", versionEndIncluding: "7.50", versionStartIncluding: "7.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, aka SAP Security Note 2238375.", }, { lang: "es", value: "Vulnerabilidad de XSS en SAP NetWeaver AS Java 7.1 hasta la versión 7.5 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro navigationTarget para irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, también conocida como SAP Security Note 2238375.", }, ], id: "CVE-2016-3975", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-07T19:59:06.087", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137529/SAP-NetWeaver-AS-JAVA-7.5-Cross-Site-Scripting.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2016/Jun/42", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-16-014-sap-netweaver-7-4-navigationurltester/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137529/SAP-NetWeaver-AS-JAVA-7.5-Cross-Site-Scripting.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2016/Jun/42", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-16-014-sap-netweaver-7-4-navigationurltester/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-13 19:15
Modified
2024-11-21 05:58
Severity ?
Summary
SAP NetWeaver AS Java (Applications based on HTMLB for Java) allows a basic-level authorized attacker to store a malicious file on the server. When a victim tries to open this file, it results in a Cross-Site Scripting (XSS) vulnerability and the attacker can read and modify data. However, the attacker does not have control over kind or degree.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2963592 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2963592 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS Java (Applications based on HTMLB for Java) allows a basic-level authorized attacker to store a malicious file on the server. When a victim tries to open this file, it results in a Cross-Site Scripting (XSS) vulnerability and the attacker can read and modify data. However, the attacker does not have control over kind or degree.", }, { lang: "es", value: "SAP NetWeaver AS Java (Aplicaciones basadas en HTMLB para Java) permite a un atacante autorizado de nivel básico almacenar un archivo malicioso en el servidor. Cuando una víctima intenta abrir este archivo, resulta en una vulnerabilidad de tipo Cross-Site Scripting (XSS) y el atacante puede leer y modificar datos. Sin embargo, el atacante no tiene control sobre la clase o el grado", }, ], id: "CVE-2021-27601", lastModified: "2024-11-21T05:58:16.440", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-13T19:15:15.257", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2963592", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2963592", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-11 22:29
Modified
2024-11-21 04:03
Severity ?
Summary
By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/106156 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2658279 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106156 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2658279 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50).", }, { lang: "es", value: "Por defecto, el almacén de claves Java de SAP NetWeaver AS no restringe lo suficiente el acceso a recursos que deberían estar protegidos. Esto ha sido solucionado en SAP NetWeaver AS Java (ServerCore en versiones 7.11, 7.20, 7.30, 7.31, 7.40 y 7.50).", }, ], id: "CVE-2018-2503", lastModified: "2024-11-21T04:03:55.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-11T22:29:00.593", references: [ { source: "cna@sap.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106156", }, { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2658279", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106156", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2658279", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-11 03:15
Modified
2024-11-21 09:19
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Due to unrestricted access to the Meta Model
Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks
on the application, which may prevent legitimate users from accessing it. This
can result in no impact on confidentiality and integrity but a high impact on
the availability of the application.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3460407 | Permissions Required | |
| cna@sap.com | https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3460407 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | mmr_server_7.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:mmr_server_7.5:*:*:*:*:*:*:*", matchCriteriaId: "1316CD4A-DA36-41B8-9186-FE3D9C709DA7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Due to unrestricted access to the Meta Model\nRepository services in SAP NetWeaver AS Java, attackers can perform DoS attacks\non the application, which may prevent legitimate users from accessing it. This\ncan result in no impact on confidentiality and integrity but a high impact on\nthe availability of the application.", }, { lang: "es", value: "Debido al acceso sin restricciones a los servicios del Meta Model Repository en SAP NetWeaver AS Java, los atacantes pueden realizar ataques DoS en la aplicación, lo que puede impedir que los usuarios legítimos accedan a ella. Esto puede no tener ningún impacto en la confidencialidad e integridad, pero sí un alto impacto en la disponibilidad de la aplicación.", }, ], id: "CVE-2024-34688", lastModified: "2024-11-21T09:19:11.933", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-11T03:15:11.310", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3460407", }, { source: "cna@sap.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3460407", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "cna@sap.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-23 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/92418 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securityfocus.com/bid/95363 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92418 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95363 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.40 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835.", }, { lang: "es", value: "SAP NetWeaver AS JAVA 7.4 permite a atacantes remotos provocar una denegación de servicio (excepción de puntero nulo e interrupción de icman) a través de una petición HTTPS a la URI sap.com~P4TunnelingApp!web/myServlet, vulnerabilidad también conocida como SAP Security Note 2313835.", }, ], id: "CVE-2016-9562", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-23T02:59:05.150", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92418", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/95363", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92418", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/95363", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-10 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788.", }, { lang: "es", value: "El componente SAP EP-RUNTIME en SAP NetWeaver AS JAVA 7.5 permite a los usuarios autenticados remotos provocar una denegación de servicio (error de falta de memoria e inestabilidad del servicio) a través de un objeto Java serializado manipulado por serial.cc3, también conocido como SAP Security Nota 2315788.", }, ], id: "CVE-2016-10304", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-10T14:59:00.187", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-16-029-sap-netweaver-java-7-5-deserialization-untrusted-user-value-trustmanagementservlet/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-16-029-sap-netweaver-java-7-5-deserialization-untrusted-user-value-trustmanagementservlet/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-10 21:15
Modified
2024-11-21 05:35
Severity ?
Summary
SAP NetWeaver Application Server Java (User Management Engine), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; does not sufficiently validate the LDAP data source configuration XML document accepted from an untrusted source, leading to Missing XML Validation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2847787 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2847787 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server Java (User Management Engine), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; does not sufficiently validate the LDAP data source configuration XML document accepted from an untrusted source, leading to Missing XML Validation.", }, { lang: "es", value: "SAP NetWeaver Application Server Java (User Management Engine), versiones 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; no comprueba suficientemente el documento XML de configuración de la fuente de datos LDAP aceptado desde una fuente no segura , conllevando a una Falta de Comprobación XML.", }, ], id: "CVE-2020-6202", lastModified: "2024-11-21T05:35:17.407", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.0", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-10T21:15:14.327", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2847787", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2847787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-08-07 20:29
Modified
2025-04-20 01:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://web.archive.org/web/20170807202056/http://www.sh0w.top/index.php/archives/7/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ cisaActionDue: "2025-04-09", cisaExploitAdd: "2025-03-19", cisaRequiredAction: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "SAP NetWeaver Directory Traversal Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657.", }, { lang: "es", value: "La vulnerabilidad de salto de directorio en el archivo scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS en SAP NetWeaver Application Server Java versión 7.5, permite a los atacantes remotos leer archivos arbitrarios por medio de un .. (punto punto) en la cadena de consulta, tal y como fue explotado “in the wild” en agosto de 2017, también se conoce como Nota de Seguridad de SAP 2486657.", }, ], id: "CVE-2017-12637", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2017-08-07T20:29:01.120", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://web.archive.org/web/20170807202056/http://www.sh0w.top/index.php/archives/7/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-09-12 03:15
Modified
2024-11-21 08:19
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3340576 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3340576 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:commoncryptolib:8.0.0:*:*:*:*:*:*:*", matchCriteriaId: "92E07A81-F35C-4BF4-8AB4-E5B3C3D09487", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:content_server:6.50:*:*:*:*:*:*:*", matchCriteriaId: "85520864-E99A-4576-847C-5E0EA1E6CEC5", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:content_server:7.53:*:*:*:*:*:*:*", matchCriteriaId: "A02FB973-7FA0-4881-B912-27F4CFBDC673", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:content_server:7.54:*:*:*:*:*:*:*", matchCriteriaId: "ED7FD33E-6870-48EB-8695-67B9169D1808", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:extended_application_services_and_runtime:1.0:*:*:*:*:*:*:*", matchCriteriaId: "FF475F4D-11D8-401A-BAB8-8A31E81CEEEB", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:hana_database:2.0:*:*:*:*:*:*:*", matchCriteriaId: "30B0858F-6AE9-4163-B001-1481FD3AFF9F", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:host_agent:722:*:*:*:*:*:*:*", matchCriteriaId: "6A56308E-B097-49F3-8963-1F34E8716CD9", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "AF64539B-0DE2-4076-91B9-F03F4DDFAE2F", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.22:*:*:*:*:*:*:*", matchCriteriaId: "6C07042F-C47F-441E-AB32-B58A066909E2", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.53:*:*:*:*:*:*:*", matchCriteriaId: "DBC44C62-0BFD-4170-B094-C82DEA473938", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.54:*:*:*:*:*:*:*", matchCriteriaId: "D99F18BB-B44E-48B5-BD7C-D20E40915268", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.77:*:*:*:*:*:*:*", matchCriteriaId: "208F59B2-7D79-4E0E-97DA-AEB9976C8EEA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.85:*:*:*:*:*:*:*", matchCriteriaId: "A120BC2E-92B2-404A-ADF6-F1AF512631E6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.89:*:*:*:*:*:*:*", matchCriteriaId: "56F63498-DAC3-40EE-9625-51FA522BA0DB", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.91:*:*:*:*:*:*:*", matchCriteriaId: "06155DA1-7EDD-4EBA-8EBB-F7352F4EC7D2", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.92:*:*:*:*:*:*:*", matchCriteriaId: "104EE65A-202C-4F4E-B725-791A73687167", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.93:*:*:*:*:*:*:*", matchCriteriaId: "0269C487-81F8-4240-BEF8-1A7C33864519", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_8.04:*:*:*:*:*:*:*", matchCriteriaId: "379FDFC8-947E-4D09-A9DD-4B3F7481F648", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64nuc_7.22:*:*:*:*:*:*:*", matchCriteriaId: "7184F3A2-3408-4B7E-BEA6-BBF55909969F", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64nuc_7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "BB2D30A5-DB16-4CB7-8135-3CE106FA5477", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.22:*:*:*:*:*:*:*", matchCriteriaId: "D1657980-CBAC-41AC-A20E-18D7199EA244", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "771ED2D0-3BC5-4C36-BCEB-1A1C46667363", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.53:*:*:*:*:*:*:*", matchCriteriaId: "0F05534F-3D2B-4983-9CC1-3A8BC7D421C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_8.04:*:*:*:*:*:*:*", matchCriteriaId: "AE19A598-2F90-4014-AC5B-352FBC154907", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.22:*:*:*:*:*:*:*", matchCriteriaId: "97EDAAC4-4885-46CE-860A-DDF92FF205C4", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.53:*:*:*:*:*:*:*", matchCriteriaId: "4E53E262-A23E-4D99-B2D8-DDCBEED85EA2", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.54:*:*:*:*:*:*:*", matchCriteriaId: "F7E61257-B187-4A83-96BD-D53CE11061D7", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.77:*:*:*:*:*:*:*", matchCriteriaId: "34E0B493-0860-4074-A383-F9C2A06EA8E9", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.85:*:*:*:*:*:*:*", matchCriteriaId: "D338B951-5C8F-4C14-931C-5F8AEA7F5924", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.89:*:*:*:*:*:*:*", matchCriteriaId: "525603B5-ADDC-4F58-B730-FC748A56D6E1", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.91:*:*:*:*:*:*:*", matchCriteriaId: "CA2270AE-437E-4FDE-9F53-690C0BCF9C2E", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.92:*:*:*:*:*:*:*", matchCriteriaId: "BD374580-7D80-4D7F-8D89-8F52F2DEA8D4", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.93:*:*:*:*:*:*:*", matchCriteriaId: "59253D09-D58D-4013-8F29-2172C1B83AA8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_8.04:*:*:*:*:*:*:*", matchCriteriaId: "21316691-9A18-4B41-915E-491225CEF966", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64nuc_7.22:*:*:*:*:*:*:*", matchCriteriaId: "2BB08C06-0E07-4317-B1AC-C1ECCF931E7A", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64nuc_7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "8692B960-38A9-4035-88F5-C33D15B6A018", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.22:*:*:*:*:*:*:*", matchCriteriaId: "1D9E47FB-D39A-40C3-AEEE-D6A5AE27F063", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "80C5A218-C623-41C5-A001-304046608CF9", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.53:*:*:*:*:*:*:*", matchCriteriaId: "92E7B426-D50F-4AEE-B6F3-5D00C8A195F5", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_8.04:*:*:*:*:*:*:*", matchCriteriaId: "039A11C9-D9D1-42BC-8DD4-2BCDAAF464CD", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:sapssoext:17.0:*:*:*:*:*:*:*", matchCriteriaId: "784CA842-6657-4A02-96B0-76A66AC469C9", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:web_dispatcher:7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "D3F76E6A-2F27-450C-AAB5-E49A64079CAC", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*", matchCriteriaId: "47D4D542-2EC2-490B-B4E9-3E7BB8D59B77", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:web_dispatcher:7.54:*:*:*:*:*:*:*", matchCriteriaId: "950DF1E2-990E-41EF-8779-CEC54C7CDC60", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*", matchCriteriaId: "E33D9481-3CF6-4AA3-B115-7903AC6DAE25", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*", matchCriteriaId: "F74EE4D5-E968-4851-89E6-4152F64930F2", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:web_dispatcher:7.89:*:*:*:*:*:*:*", matchCriteriaId: "097ED3E8-49B1-497E-BD43-28C397FBEAE8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.", }, { lang: "es", value: "SAP CommonCryptoLib no realiza las comprobaciones de autenticación necesarias, lo que puede dar como resultado comprobaciones de autorización faltantes o incorrectas para un usuario autenticado, lo que resulta en una escalada de privilegios. Según la aplicación y el nivel de privilegios adquiridos, un atacante podría abusar de la funcionalidad restringida a un grupo de usuarios concreto, así como leer, modificar o eliminar datos restringidos.", }, ], id: "CVE-2023-40309", lastModified: "2024-11-21T08:19:12.560", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-12T03:15:12.073", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://me.sap.com/notes/3340576", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://me.sap.com/notes/3340576", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "cna@sap.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-14 12:15
Modified
2024-11-21 06:09
Severity ?
Summary
When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version - 7.50, no security audit log is created. Therefore, security audit log Integrity is impacted.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3038594 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3038594 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version - 7.50, no security audit log is created. Therefore, security audit log Integrity is impacted.", }, { lang: "es", value: "Cuando un usuario con privilegios insuficientes intenta acceder a cualquier aplicación en SAP NetWeaver Administrator (Administrator applications), versión - 7.50, no es creado ningún registro de auditoría de seguridad. Por lo tanto, la integridad del registro de auditoría de seguridad está impactada", }, ], id: "CVE-2021-33689", lastModified: "2024-11-21T06:09:22.417", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.1, impactScore: 1.4, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-07-14T12:15:09.787", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3038594", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3038594", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-778", }, ], source: "cna@sap.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-02-16 15:59
Modified
2025-04-12 10:46
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.40 |
{ cisaActionDue: "2022-06-30", cisaExploitAdd: "2022-06-09", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "SAP NetWeaver SQL Injection Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.", }, { lang: "es", value: "Vulnerabilidad de inyección SQL en el servidor UDDI en SAP NetWeaver J2EE Engine 7.40 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de vectores no especificados, también conocida como SAP Security Note 2101079.", }, ], id: "CVE-2016-2386", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2016-02-16T15:59:00.133", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2016/May/56", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "Broken Link", ], url: "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "Broken Link", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/vah13/SAP_exploit", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39840/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/43495/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2016/May/56", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "Broken Link", ], url: "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "Broken Link", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/vah13/SAP_exploit", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39840/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/43495/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-89", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-09-12 02:15
Modified
2024-11-21 08:19
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3327896 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3327896 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:commoncryptolib:8.0.0:*:*:*:*:*:*:*", matchCriteriaId: "92E07A81-F35C-4BF4-8AB4-E5B3C3D09487", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:content_server:6.50:*:*:*:*:*:*:*", matchCriteriaId: "85520864-E99A-4576-847C-5E0EA1E6CEC5", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:content_server:7.53:*:*:*:*:*:*:*", matchCriteriaId: "A02FB973-7FA0-4881-B912-27F4CFBDC673", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:content_server:7.54:*:*:*:*:*:*:*", matchCriteriaId: "ED7FD33E-6870-48EB-8695-67B9169D1808", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:extended_application_services_and_runtime:1.0:*:*:*:*:*:*:*", matchCriteriaId: "FF475F4D-11D8-401A-BAB8-8A31E81CEEEB", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:hana_database:2.0:*:*:*:*:*:*:*", matchCriteriaId: "30B0858F-6AE9-4163-B001-1481FD3AFF9F", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:host_agent:722:*:*:*:*:*:*:*", matchCriteriaId: "6A56308E-B097-49F3-8963-1F34E8716CD9", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "AF64539B-0DE2-4076-91B9-F03F4DDFAE2F", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.22:*:*:*:*:*:*:*", matchCriteriaId: "6C07042F-C47F-441E-AB32-B58A066909E2", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.53:*:*:*:*:*:*:*", matchCriteriaId: "DBC44C62-0BFD-4170-B094-C82DEA473938", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.54:*:*:*:*:*:*:*", matchCriteriaId: "D99F18BB-B44E-48B5-BD7C-D20E40915268", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.77:*:*:*:*:*:*:*", matchCriteriaId: "208F59B2-7D79-4E0E-97DA-AEB9976C8EEA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.85:*:*:*:*:*:*:*", matchCriteriaId: "A120BC2E-92B2-404A-ADF6-F1AF512631E6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.89:*:*:*:*:*:*:*", matchCriteriaId: "56F63498-DAC3-40EE-9625-51FA522BA0DB", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.91:*:*:*:*:*:*:*", matchCriteriaId: "06155DA1-7EDD-4EBA-8EBB-F7352F4EC7D2", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.92:*:*:*:*:*:*:*", matchCriteriaId: "104EE65A-202C-4F4E-B725-791A73687167", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.93:*:*:*:*:*:*:*", matchCriteriaId: "0269C487-81F8-4240-BEF8-1A7C33864519", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_8.04:*:*:*:*:*:*:*", matchCriteriaId: "379FDFC8-947E-4D09-A9DD-4B3F7481F648", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64nuc_7.22:*:*:*:*:*:*:*", matchCriteriaId: "7184F3A2-3408-4B7E-BEA6-BBF55909969F", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64nuc_7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "BB2D30A5-DB16-4CB7-8135-3CE106FA5477", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.22:*:*:*:*:*:*:*", matchCriteriaId: "D1657980-CBAC-41AC-A20E-18D7199EA244", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "771ED2D0-3BC5-4C36-BCEB-1A1C46667363", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.53:*:*:*:*:*:*:*", matchCriteriaId: "0F05534F-3D2B-4983-9CC1-3A8BC7D421C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_8.04:*:*:*:*:*:*:*", matchCriteriaId: "AE19A598-2F90-4014-AC5B-352FBC154907", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.22:*:*:*:*:*:*:*", matchCriteriaId: "97EDAAC4-4885-46CE-860A-DDF92FF205C4", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.53:*:*:*:*:*:*:*", matchCriteriaId: "4E53E262-A23E-4D99-B2D8-DDCBEED85EA2", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.54:*:*:*:*:*:*:*", matchCriteriaId: "F7E61257-B187-4A83-96BD-D53CE11061D7", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.77:*:*:*:*:*:*:*", matchCriteriaId: "34E0B493-0860-4074-A383-F9C2A06EA8E9", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.85:*:*:*:*:*:*:*", matchCriteriaId: "D338B951-5C8F-4C14-931C-5F8AEA7F5924", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.89:*:*:*:*:*:*:*", matchCriteriaId: "525603B5-ADDC-4F58-B730-FC748A56D6E1", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.91:*:*:*:*:*:*:*", matchCriteriaId: "CA2270AE-437E-4FDE-9F53-690C0BCF9C2E", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.92:*:*:*:*:*:*:*", matchCriteriaId: "BD374580-7D80-4D7F-8D89-8F52F2DEA8D4", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.93:*:*:*:*:*:*:*", matchCriteriaId: "59253D09-D58D-4013-8F29-2172C1B83AA8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_8.04:*:*:*:*:*:*:*", matchCriteriaId: "21316691-9A18-4B41-915E-491225CEF966", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64nuc_7.22:*:*:*:*:*:*:*", matchCriteriaId: "2BB08C06-0E07-4317-B1AC-C1ECCF931E7A", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64nuc_7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "8692B960-38A9-4035-88F5-C33D15B6A018", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.22:*:*:*:*:*:*:*", matchCriteriaId: "1D9E47FB-D39A-40C3-AEEE-D6A5AE27F063", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "80C5A218-C623-41C5-A001-304046608CF9", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.53:*:*:*:*:*:*:*", matchCriteriaId: "92E7B426-D50F-4AEE-B6F3-5D00C8A195F5", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_8.04:*:*:*:*:*:*:*", matchCriteriaId: "039A11C9-D9D1-42BC-8DD4-2BCDAAF464CD", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:sapssoext:17.0:*:*:*:*:*:*:*", matchCriteriaId: "784CA842-6657-4A02-96B0-76A66AC469C9", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:web_dispatcher:7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "D3F76E6A-2F27-450C-AAB5-E49A64079CAC", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*", matchCriteriaId: "47D4D542-2EC2-490B-B4E9-3E7BB8D59B77", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:web_dispatcher:7.54:*:*:*:*:*:*:*", matchCriteriaId: "950DF1E2-990E-41EF-8779-CEC54C7CDC60", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*", matchCriteriaId: "E33D9481-3CF6-4AA3-B115-7903AC6DAE25", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*", matchCriteriaId: "F74EE4D5-E968-4851-89E6-4152F64930F2", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:web_dispatcher:7.89:*:*:*:*:*:*:*", matchCriteriaId: "097ED3E8-49B1-497E-BD43-28C397FBEAE8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.", }, { lang: "es", value: "SAP CommonCryptoLib permite que un atacante no autenticado cree una solicitud que, cuando se envía a un puerto abierto, provoca un error de corrupción de memoria en una librería, lo que a su vez provoca que el componente de target falle y deje de estar disponible. No hay posibilidad de ver o modificar ninguna información.", }, ], id: "CVE-2023-40308", lastModified: "2024-11-21T08:19:12.393", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-12T02:15:12.610", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://me.sap.com/notes/3327896", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://me.sap.com/notes/3327896", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "cna@sap.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-09 17:15
Modified
2024-11-21 05:20
Severity ?
Summary
SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. This enables an attacker who has administrator access to the SAP NetWeaver AS Java to decode the keys because of missing encryption and get some application data and client credentials of adjacent systems. This highly impacts Confidentiality as information disclosed could contain client credentials of adjacent systems.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2971163 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2971163 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. This enables an attacker who has administrator access to the SAP NetWeaver AS Java to decode the keys because of missing encryption and get some application data and client credentials of adjacent systems. This highly impacts Confidentiality as information disclosed could contain client credentials of adjacent systems.", }, { lang: "es", value: "SAP AS JAVA (Key Storage Service), versiones - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, posee el material de claves que es almacenado en el servicio SAP NetWeaver AS Java Key Storage almacenado en la base de datos en el formato codificado DER. y no está cifrado. Esto permite a un atacante que tiene acceso de administrador a SAP NetWeaver AS Java decodificar las claves debido a la falta de cifrado y obtener algunos datos de la aplicación y las credenciales de cliente de los sistemas adyacentes. Esto tiene un gran impacto en la confidencialidad, ya que la información divulgada podría contener credenciales de clientes de sistemas adyacentes", }, ], id: "CVE-2020-26816", lastModified: "2024-11-21T05:20:20.077", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 2.7, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1, impactScore: 4, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-09T17:15:30.713", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2971163", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2971163", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-312", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-05-23 04:29
Modified
2025-04-20 01:37
Severity ?
Summary
The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873.", }, { lang: "es", value: "El componente VC70RUNTIME de Visual Composer en SAP NetWeaver AS JAVA versión 7.5 permite a los usuarios autenticados remotos conducir ataques de tipo XML External Entity (XXE) por medio de un documento XML creado en una petición a irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit .default, también se conoce como Nota de Seguridad de SAP 2386873.", }, ], id: "CVE-2017-8913", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-05-23T04:29:02.243", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-17-007-sap-netweaver-java-7-5-xxe-visual-composer-vc70runtime/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-february-2017/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-17-007-sap-netweaver-java-7-5-xxe-visual-composer-vc70runtime/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-february-2017/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-611", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-11 22:29
Modified
2024-11-21 04:03
Severity ?
Summary
SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/106153 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2642680 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106153 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2642680 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.", }, { lang: "es", value: "La funcionalidad de SAML 2.0 en SAP NetWeaver AS Java no valida lo suficiente los documentos XML recibidos de una fuente no fiable. La vulnerabilidad se ha solucionado en las versiones 7.2, 7.30, 7.31, 7.40 y 7.50.", }, ], id: "CVE-2018-2492", lastModified: "2024-11-21T04:03:54.950", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-11T22:29:00.297", references: [ { source: "cna@sap.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106153", }, { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2642680", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106153", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2642680", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-611", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-23 02:59
Modified
2025-04-12 10:46
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/92419 | Broken Link, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://erpscan.io/advisories/erpscan-16-034-sap-netweaver-java-xxe-vulnerability-bc-bmt-bpm-dsk-component/ | Third Party Advisory, Broken Link | |
| cve@mitre.org | https://launchpad.support.sap.com/#/notes/2296909 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92419 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://erpscan.io/advisories/erpscan-16-034-sap-netweaver-java-xxe-vulnerability-bc-bmt-bpm-dsk-component/ | Third Party Advisory, Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2296909 | Permissions Required |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "SAP NetWeaver XML External Entity (XXE) Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.", }, { lang: "es", value: "BC-BMT-BPM-DSK en SAP NetWeaver AS JAVA 7.5 permite a usuarios remotos autenticados llevar a cabo ataques XML External Entity (XXE) a través de la URI sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn, vulnerabilidad también conocida como SAP Security Note 2296909.", }, ], id: "CVE-2016-9563", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2016-11-23T02:59:06.370", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92419", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "Broken Link", ], url: "https://erpscan.io/advisories/erpscan-16-034-sap-netweaver-java-xxe-vulnerability-bc-bmt-bpm-dsk-component/", }, { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2296909", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92419", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "Broken Link", ], url: "https://erpscan.io/advisories/erpscan-16-034-sap-netweaver-java-xxe-vulnerability-bc-bmt-bpm-dsk-component/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2296909", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-611", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-611", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-15 02:15
Modified
2024-11-21 05:35
Severity ?
Summary
SAP NetWeaver Application Server Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 allows an unauthenticated attacker to include JavaScript blocks in any web page or URL with different symbols which are otherwise not allowed. On successful exploitation an attacker can steal authentication information of the user, such as data relating to his or her current session and limitedly impact confidentiality and integrity of the application, leading to Reflected Cross Site Scripting.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2956398 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2956398 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 allows an unauthenticated attacker to include JavaScript blocks in any web page or URL with different symbols which are otherwise not allowed. On successful exploitation an attacker can steal authentication information of the user, such as data relating to his or her current session and limitedly impact confidentiality and integrity of the application, leading to Reflected Cross Site Scripting.", }, { lang: "es", value: "SAP NetWeaver Application Server Java, versiones - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 y 7.50, permite a un atacante no autenticado incluir bloques de JavaScript en cualquier página web o URL con diferentes símbolos que de otro modo no están permitidos. En una explotación con éxito, un atacante puede robar información de autenticación del usuario, tal y como datos relacionados con su sesión actual e impactar de manera limitada la confidencialidad e integridad de la aplicación, conllevando a una vulnerabilidad de tipo Cross Site Scripting Reflejado", }, ], id: "CVE-2020-6319", lastModified: "2024-11-21T05:35:30.093", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-15T02:15:12.593", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2956398", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2956398", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-09 13:15
Modified
2024-11-21 05:35
Severity ?
Summary
SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing JavaScript, leading to Stored Cross-Site Scripting.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2953112 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2953112 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing JavaScript, leading to Stored Cross-Site Scripting.", }, { lang: "es", value: "SAP NetWeaver Application Server JAVA(XML Forms) versiones 7.30, 7.31, 7.40, 7.50, no codifican suficientemente las entradas controladas por el usuario, lo que permite a un Usuario autenticado con roles especiales almacenar contenido malicioso, que cuando accesaba una víctima, puede llevar a cabo acciones maliciosas al ejecutar un JavaScript, conllevando a una vulnerabilidad de tipo Cross-Site Scripting Almacenado.", }, ], id: "CVE-2020-6313", lastModified: "2024-11-21T05:35:29.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-09T13:15:11.830", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2953112", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2953112", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, { lang: "en", value: "CWE-116", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-11-13 22:15
Modified
2024-11-21 04:16
Severity ?
Summary
An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2814357 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2814357 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.1 | |
| sap | netweaver_application_server_java | 7.2 | |
| sap | netweaver_application_server_java | 7.3 | |
| sap | netweaver_application_server_java | 7.4 | |
| sap | netweaver_application_server_java | 7.5 | |
| sap | netweaver_application_server_java | 7.31 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.1:*:*:*:*:*:*:*", matchCriteriaId: "ADA4F6C9-1CB3-4D82-AD9B-F0BD8203CC83", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.2:*:*:*:*:*:*:*", matchCriteriaId: "ADA6C739-64A9-4B97-90AE-8F8EF7025A10", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.3:*:*:*:*:*:*:*", matchCriteriaId: "4FEABB91-A615-426E-A652-5390C1B21A03", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.4:*:*:*:*:*:*:*", matchCriteriaId: "5AF1183A-3410-4E08-9473-3FF36C2096FE", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.5:*:*:*:*:*:*:*", matchCriteriaId: "CFF5713B-C0C4-4062-BC6F-0BBD1E6FF620", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.", }, { lang: "es", value: "Un administrador de SAP NetWeaver Application Server Java (J2EE-Framework), (corregido en las versiones 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), puede cambiar los privilegios para todas o algunas funciones en Java Server, y permitir a usuarios ejecutar funciones, que no son permitidas ejecutar de otro modo.", }, ], id: "CVE-2019-0389", lastModified: "2024-11-21T04:16:47.110", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-13T22:15:11.617", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2814357", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2814357", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-14 12:15
Modified
2024-11-21 06:09
Severity ?
Summary
SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send multiple HTTP requests with different method types thereby crashing the filter and making the HTTP server unavailable to other legitimate users leading to denial of service vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://packetstormsecurity.com/files/166965/SAP-NetWeaver-Java-Denial-Of-Service.html | Patch, Third Party Advisory, VDB Entry | |
| cna@sap.com | http://seclists.org/fulldisclosure/2022/May/4 | Mailing List, Patch, Third Party Advisory | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3056652 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/166965/SAP-NetWeaver-Java-Denial-Of-Service.html | Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2022/May/4 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3056652 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send multiple HTTP requests with different method types thereby crashing the filter and making the HTTP server unavailable to other legitimate users leading to denial of service vulnerability.", }, { lang: "es", value: "SAP NetWeaver AS for Java (Http Service Monitoring Filter), versiones - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, permite a un atacante enviar múltiples peticiones HTTP con diferentes tipos de métodos, bloqueando así el filtro y haciendo que el servidor HTTP no esté disponible para otros usuarios legítimos, conllevando a una vulnerabilidad denegación de servicio", }, ], id: "CVE-2021-33670", lastModified: "2024-11-21T06:09:19.560", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-07-14T12:15:08.243", references: [ { source: "cna@sap.com", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/166965/SAP-NetWeaver-Java-Denial-Of-Service.html", }, { source: "cna@sap.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/4", }, { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3056652", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/166965/SAP-NetWeaver-Java-Denial-Of-Service.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3056652", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-11-14 01:15
Modified
2024-11-21 08:22
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3366410 | Permissions Required | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3366410 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability.\n\n", }, { lang: "es", value: "El atacante no autenticado en la aplicación NetWeaver AS Java Logon versión 7.50 puede forzar la funcionalidad de inicio de sesión para identificar los ID de usuario legítimos. Esto tendrá un impacto en la confidencialidad, pero no hay ningún otro impacto en la integridad o disponibilidad.", }, ], id: "CVE-2023-42480", lastModified: "2024-11-21T08:22:38.427", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-11-14T01:15:07.907", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3366410", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3366410", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-307", }, ], source: "cna@sap.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-25 18:29
Modified
2025-04-20 01:37
Severity ?
Summary
XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/97572 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://erpscan.io/advisories/erpscan-17-018-sap-netweaver-java-7-5-xxe-com-sap-km-cm-ice/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97572 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://erpscan.io/advisories/erpscan-17-018-sap-netweaver-java-7-5-xxe-com-sap-km-cm-ice/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249.", }, { lang: "es", value: "La vulnerabilidad tipo XML external entity (XXE) en componente com.sap.km.cm.ice en SAP NetWeaver AS JAVA versión 7.5 permite a los usuarios identificados remotos leer archivos arbitrarios o conducir ataques de tipo server-side request forgery (SSRF) por medio de una DTD creada en una petición XML, también se conoce como Nota de Seguridad de SAP 2387249.", }, ], id: "CVE-2017-11457", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-25T18:29:01.103", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97572", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-17-018-sap-netweaver-java-7-5-xxe-com-sap-km-cm-ice/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97572", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://erpscan.io/advisories/erpscan-17-018-sap-netweaver-java-7-5-xxe-com-sap-km-cm-ice/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-611", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:46
Severity ?
Summary
In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the malicious payload to be executed and hence execute functions that could be impersonating the victim or even steal the victim's logon session.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3123427 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3123427 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.22 | |
| sap | netweaver_application_server_java | 7.49 | |
| sap | netweaver_application_server_java | 7.53 | |
| sap | netweaver_application_server_java | krnl64nuc_7.22 | |
| sap | netweaver_application_server_java | krnl64nuc_7.22ext | |
| sap | netweaver_application_server_java | krnl64nuc_7.49 | |
| sap | netweaver_application_server_java | krnl64uc_7.22 | |
| sap | netweaver_application_server_java | krnl64uc_7.22ext | |
| sap | netweaver_application_server_java | krnl64uc_7.49 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.22:*:*:*:*:*:*:*", matchCriteriaId: "0C50443A-8C3D-46D3-8FF7-A4CFC2C0C184", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.49:*:*:*:*:*:*:*", matchCriteriaId: "CA667A93-ADC5-4B46-8CE0-6AC3535B0BC1", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.53:*:*:*:*:*:*:*", matchCriteriaId: "C31830DA-EA34-46F7-9CE5-4BFEAD7B19D2", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:krnl64nuc_7.22:*:*:*:*:*:*:*", matchCriteriaId: "9374DC36-C1F6-475B-9EED-052A50A73DA6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:krnl64nuc_7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "411B23E4-EE88-43EE-975D-BB2D306846F1", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:krnl64nuc_7.49:*:*:*:*:*:*:*", matchCriteriaId: "15DD63FA-A334-4CA9-AAF1-5F6B0DE78703", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:krnl64uc_7.22:*:*:*:*:*:*:*", matchCriteriaId: "B674D815-7910-46E6-B8D0-4819ED7B56A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:krnl64uc_7.22ext:*:*:*:*:*:*:*", matchCriteriaId: "E860E042-5EBC-4AEA-9EFB-C1CF99EDEA96", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:krnl64uc_7.49:*:*:*:*:*:*:*", matchCriteriaId: "F050C2CF-C104-483A-A6B7-E6E67BFE68CF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the malicious payload to be executed and hence execute functions that could be impersonating the victim or even steal the victim's logon session.", }, { lang: "es", value: "En SAP NetWeaver Application Server Java - versiones KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, un atacante no autenticado podría enviar una petición de servidor HTTP diseñada que desencadene una administración inapropiada del búfer de memoria compartida. Esto podría permitir una ejecución de la carga útil maliciosa y, por lo tanto, ejecutar funciones que podrían suplantar a la víctima o incluso robar la sesión de inicio de sesión de la víctima", }, ], id: "CVE-2022-22532", lastModified: "2024-11-21T06:46:58.247", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-09T23:15:18.430", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/3123427", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/3123427", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-444", }, ], source: "cna@sap.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-444", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-14 19:15
Modified
2024-11-21 05:35
Severity ?
Summary
SAP NetWeaver AS Java (HTTP Service), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker with administrator privileges to access user sensitive data such as passwords in trace files, when the user logs in and sends request with login credentials, leading to Information Disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2826528 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2826528 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.11 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*", matchCriteriaId: "C6B085AF-8CEE-4A87-B381-F36C989FB2A0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS Java (HTTP Service), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker with administrator privileges to access user sensitive data such as passwords in trace files, when the user logs in and sends request with login credentials, leading to Information Disclosure.", }, { lang: "es", value: "SAP NetWeaver AS Java (HTTP Service), versiones 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, permite a un atacante con privilegios de administrador acceder a datos confidenciales del usuario, tales como contraseñas en archivos de rastreo, cuando el usuario inicia sesión y envía una petición con credenciales de inicio de sesión, conllevando a una Divulgación de Información.", }, ], id: "CVE-2020-6224", lastModified: "2024-11-21T05:35:20.047", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-14T19:15:17.530", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2826528", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2826528", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-13 19:15
Modified
2024-11-21 05:58
Severity ?
Summary
SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versions - 7.31, 7.40, 7.50, allows an attacker to read some statistical data like product version, traffic, timestamp etc. because of missing authorization check in the servlet.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3027937 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3027937 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versions - 7.31, 7.40, 7.50, allows an attacker to read some statistical data like product version, traffic, timestamp etc. because of missing authorization check in the servlet.", }, { lang: "es", value: "SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versiones - 7.31, 7.40, 7.50, permite a un atacante leer algunos datos estadísticos como la versión del producto, el tráfico, la marca de tiempo, etc. debido a una falta de comprobación de autorización en el servlet", }, ], id: "CVE-2021-27598", lastModified: "2024-11-21T05:58:16.053", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-13T19:15:15.117", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3027937", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3027937", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "cna@sap.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-14 12:15
Modified
2024-11-21 06:09
Severity ?
Summary
SAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 reveals sensitive information in one of their HTTP requests, an attacker can use this in conjunction with other attacks such as XSS to steal this information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://packetstormsecurity.com/files/164600/SAP-Enterprise-Portal-Sensitive-Data-Disclosure.html | Patch, Third Party Advisory, VDB Entry | |
| cna@sap.com | http://seclists.org/fulldisclosure/2021/Oct/32 | Mailing List, Patch, Third Party Advisory | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3059764 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/164600/SAP-Enterprise-Portal-Sensitive-Data-Disclosure.html | Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2021/Oct/32 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3059764 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.10 | |
| sap | netweaver_application_server_java | 7.20 | |
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*", matchCriteriaId: "D60371A7-F8F4-46F8-9659-DD4EE84B81EA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", matchCriteriaId: "43A28C48-4325-4694-88B1-FEE46EBFB0A6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 reveals sensitive information in one of their HTTP requests, an attacker can use this in conjunction with other attacks such as XSS to steal this information.", }, { lang: "es", value: "SAP NetWeaver AS JAVA (Enterprise Portal), versiones - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, revela información confidencial en una de sus peticiones HTTP, un atacante puede usar esto en conjunto con otros ataques como de tipo XSS para robar esta información", }, ], id: "CVE-2021-33687", lastModified: "2024-11-21T06:09:22.120", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-07-14T12:15:09.747", references: [ { source: "cna@sap.com", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/164600/SAP-Enterprise-Portal-Sensitive-Data-Disclosure.html", }, { source: "cna@sap.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/Oct/32", }, { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3059764", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/164600/SAP-Enterprise-Portal-Sensitive-Data-Disclosure.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/Oct/32", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/3059764", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-14 14:15
Modified
2024-11-21 04:16
Severity ?
Summary
A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP Management console, resulting in Server-Side Request Forgery.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2813811 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2813811 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver_application_server_java | 7.30 | |
| sap | netweaver_application_server_java | 7.31 | |
| sap | netweaver_application_server_java | 7.40 | |
| sap | netweaver_application_server_java | 7.50 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", matchCriteriaId: "24A1E0B9-8C28-41BC-B050-237B5F929C9C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", matchCriteriaId: "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", matchCriteriaId: "F5308FCE-8B2C-4B4D-BEE7-3CF544570B68", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", matchCriteriaId: "9C506445-3787-4BFF-A98B-7502A0F7CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP Management console, resulting in Server-Side Request Forgery.", }, { lang: "es", value: "Un atacante remoto no autenticado puede abusar de un servicio web en SAP NetWeaver Application Server for Java (Administrator System Overview), versiones 7.30, 7.31, 7.40, 7.50, enviando un archivo XML especialmente diseñado y engañando al servidor de aplicaciones al filtrar credenciales de autenticación para su propia consola de SAP Management, resultando en un ataque de tipo Server-Side Request Forgery.", }, ], id: "CVE-2019-0345", lastModified: "2024-11-21T04:16:43.190", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-14T14:15:16.543", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2813811", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2813811", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2020-6365
Vulnerability from cvelistv5
Published
2020-10-15 02:03
Modified
2024-08-04 09:02
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an unauthenticated remote attacker to redirect users to a malicious site due to insufficient reverse tabnabbing URL validation. The attacker could execute phishing attacks to steal credentials of the victim or to redirect users to untrusted web pages containing malware or similar malicious exploits.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2969828 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver Application Server Java |
Version: < 7.10 Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:39.998Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2969828", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver Application Server Java", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an unauthenticated remote attacker to redirect users to a malicious site due to insufficient reverse tabnabbing URL validation. The attacker could execute phishing attacks to steal credentials of the victim or to redirect users to untrusted web pages containing malware or similar malicious exploits.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Reverse Tabnabbing", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-15T02:03:40", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2969828", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-6365", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver Application Server Java", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an unauthenticated remote attacker to redirect users to a malicious site due to insufficient reverse tabnabbing URL validation. The attacker could execute phishing attacks to steal credentials of the victim or to redirect users to untrusted web pages containing malware or similar malicious exploits.", }, ], }, impact: { cvss: { baseScore: "4.7", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Reverse Tabnabbing", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", }, { name: "https://launchpad.support.sap.com/#/notes/2969828", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2969828", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-6365", datePublished: "2020-10-15T02:03:40", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:39.998Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6282
Vulnerability from cvelistv5
Published
2020-07-14 12:30
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2896025 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE) |
Version: < 7.10 Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:55:22.289Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2896025", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, { product: "SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Server-Side Request Forgery", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-14T12:30:14", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2896025", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-6282", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE)", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, { product_name: "SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS)", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability.", }, ], }, impact: { cvss: { baseScore: "5.8", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Server-Side Request Forgery", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { name: "https://launchpad.support.sap.com/#/notes/2896025", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2896025", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-6282", datePublished: "2020-07-14T12:30:14", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T08:55:22.289Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0318
Vulnerability from cvelistv5
Published
2019-07-10 18:48
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
Under certain conditions SAP NetWeaver Application Server for Java (Startup Framework), versions 7.21, 7.22, 7.45, 7.49, and 7.53, allows an attacker to access information which would otherwise be restricted.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/109069 | vdb-entry, x_refsource_BID | |
| https://launchpad.support.sap.com/#/notes/2738791 | x_refsource_MISC | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver Application Server for Java (Startup Framework) |
Version: < 7.21 Version: < 7.22 Version: < 7.45 Version: < 7.49 Version: < 7.53 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:44:16.482Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "109069", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/109069", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2738791", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver Application Server for Java (Startup Framework)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.21", }, { status: "affected", version: "< 7.22", }, { status: "affected", version: "< 7.45", }, { status: "affected", version: "< 7.49", }, { status: "affected", version: "< 7.53", }, ], }, ], descriptions: [ { lang: "en", value: "Under certain conditions SAP NetWeaver Application Server for Java (Startup Framework), versions 7.21, 7.22, 7.45, 7.49, and 7.53, allows an attacker to access information which would otherwise be restricted.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-07-10T18:55:59", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { name: "109069", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/109069", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2738791", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2019-0318", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver Application Server for Java (Startup Framework)", version: { version_data: [ { version_name: "<", version_value: "7.21", }, { version_name: "<", version_value: "7.22", }, { version_name: "<", version_value: "7.45", }, { version_name: "<", version_value: "7.49", }, { version_name: "<", version_value: "7.53", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Under certain conditions SAP NetWeaver Application Server for Java (Startup Framework), versions 7.21, 7.22, 7.45, 7.49, and 7.53, allows an attacker to access information which would otherwise be restricted.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "109069", refsource: "BID", url: "http://www.securityfocus.com/bid/109069", }, { name: "https://launchpad.support.sap.com/#/notes/2738791", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2738791", }, { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575", refsource: "CONFIRM", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2019-0318", datePublished: "2019-07-10T18:48:07", dateReserved: "2018-11-26T00:00:00", dateUpdated: "2024-08-04T17:44:16.482Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0355
Vulnerability from cvelistv5
Published
2019-09-10 16:07
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (before versions 6.40, 7.0, 7.01), allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506 | x_refsource_CONFIRM | |
| https://launchpad.support.sap.com/#/notes/2798336 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver AS for Java (Web Container)-ENGINEAPI |
Version: < 7.10 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:44:16.479Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2798336", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS for Java (Web Container)-ENGINEAPI", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, { product: "SAP NetWeaver AS for Java (Web Container)-SAP-JEECOR", vendor: "SAP SE", versions: [ { status: "affected", version: "< 6.40", }, { status: "affected", version: "< 7.0", }, { status: "affected", version: "< 7.01", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (before versions 6.40, 7.0, 7.01), allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.", }, ], problemTypes: [ { descriptions: [ { description: "Code Injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-09-10T16:07:10", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2798336", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2019-0355", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS for Java (Web Container)-ENGINEAPI", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, { product_name: "SAP NetWeaver AS for Java (Web Container)-SAP-JEECOR", version: { version_data: [ { version_name: "<", version_value: "6.40", }, { version_name: "<", version_value: "7.0", }, { version_name: "<", version_value: "7.01", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (before versions 6.40, 7.0, 7.01), allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Code Injection", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506", refsource: "CONFIRM", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506", }, { name: "https://launchpad.support.sap.com/#/notes/2798336", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2798336", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2019-0355", datePublished: "2019-09-10T16:07:10", dateReserved: "2018-11-26T00:00:00", dateUpdated: "2024-08-04T17:44:16.479Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-2452
Vulnerability from cvelistv5
Published
2018-09-11 15:00
Modified
2024-08-05 04:21
Severity ?
EPSS score ?
Summary
The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting (XSS) vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993 | x_refsource_CONFIRM | |
| https://launchpad.support.sap.com/#/notes/2623846 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/105325 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | SAP NetWeaver AS Java |
Version: = 7.10 to 7.11 Version: = 7.20 Version: = 7.30 Version: = 7.31 Version: = 7.40 Version: = 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:21:33.712Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2623846", }, { name: "105325", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/105325", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS Java", vendor: "SAP", versions: [ { status: "affected", version: "= 7.10 to 7.11", }, { status: "affected", version: "= 7.20", }, { status: "affected", version: "= 7.30", }, { status: "affected", version: "= 7.31", }, { status: "affected", version: "= 7.40", }, { status: "affected", version: "= 7.50", }, ], }, ], datePublic: "2018-09-11T00:00:00", descriptions: [ { lang: "en", value: "The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting (XSS) vulnerability.", }, ], problemTypes: [ { descriptions: [ { description: "Cross-Site Scripting", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-09-13T09:57:01", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2623846", }, { name: "105325", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/105325", }, ], source: { discovery: "UNKNOWN", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2018-2452", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS Java", version: { version_data: [ { version_name: "=", version_value: "7.10 to 7.11", }, { version_name: "=", version_value: "7.20", }, { version_name: "=", version_value: "7.30", }, { version_name: "=", version_value: "7.31", }, { version_name: "=", version_value: "7.40", }, { version_name: "=", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting (XSS) vulnerability.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Cross-Site Scripting", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993", refsource: "CONFIRM", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993", }, { name: "https://launchpad.support.sap.com/#/notes/2623846", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2623846", }, { name: "105325", refsource: "BID", url: "http://www.securityfocus.com/bid/105325", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2018-2452", datePublished: "2018-09-11T15:00:00", dateReserved: "2017-12-15T00:00:00", dateUpdated: "2024-08-05T04:21:33.712Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-8840
Vulnerability from cvelistv5
Published
2016-04-08 00:00
Modified
2024-08-06 08:29
Severity ?
EPSS score ?
Summary
The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp, or (3) webcontent/aas/aas_store.jsp, aka SAP Security Note 1945215.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T08:29:22.013Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://scn.sap.com/community/security/blog/2015/07/15/sap-security-notes-july-2015", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-15-017-sap-netweaver-j2ee-das-service-unauthorized-access/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-07-15T00:00:00", descriptions: [ { lang: "en", value: "The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp, or (3) webcontent/aas/aas_store.jsp, aka SAP Security Note 1945215.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-10T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://scn.sap.com/community/security/blog/2015/07/15/sap-security-notes-july-2015", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-15-017-sap-netweaver-j2ee-das-service-unauthorized-access/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-8840", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp, or (3) webcontent/aas/aas_store.jsp, aka SAP Security Note 1945215.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://scn.sap.com/community/security/blog/2015/07/15/sap-security-notes-july-2015", refsource: "MISC", url: "http://scn.sap.com/community/security/blog/2015/07/15/sap-security-notes-july-2015", }, { name: "https://erpscan.io/advisories/erpscan-15-017-sap-netweaver-j2ee-das-service-unauthorized-access/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-15-017-sap-netweaver-j2ee-das-service-unauthorized-access/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-8840", datePublished: "2016-04-08T00:00:00", dateReserved: "2016-04-07T00:00:00", dateUpdated: "2024-08-06T08:29:22.013Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-12637
Vulnerability from cvelistv5
Published
2017-08-07 20:00
Modified
2025-03-27 02:55
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2025-03-27T02:48:43.285Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, timeline: [ { lang: "en", time: "2025-03-27T02:48:35.000Z", value: "Previously entered references were removed because they are not applicable to this CVE Record.", }, ], }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2017-12637", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-19T18:07:05.911493Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2025-03-19", reference: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-19T22:20:22.667Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, timeline: [ { lang: "en", time: "2025-03-19T00:00:00+00:00", value: "CVE-2017-12637 added to CISA KEV", }, ], title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-08-07T00:00:00.000Z", descriptions: [ { lang: "en", value: "Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-27T02:55:31.305Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://web.archive.org/web/20170807202056/http://www.sh0w.top/index.php/archives/7/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-12637", datePublished: "2017-08-07T20:00:00.000Z", dateReserved: "2017-08-07T00:00:00.000Z", dateUpdated: "2025-03-27T02:55:31.305Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-33670
Vulnerability from cvelistv5
Published
2021-07-14 11:04
Modified
2024-08-03 23:58
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send multiple HTTP requests with different method types thereby crashing the filter and making the HTTP server unavailable to other legitimate users leading to denial of service vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3056652 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2022/May/4 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/166965/SAP-NetWeaver-Java-Denial-Of-Service.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS for Java (Http Service) |
Version: < 7.10 Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:58:22.541Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3056652", }, { name: "20220504 Onapsis Security Advisory 2022-0002: Denial of Service in SAP NetWeaver JAVA", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/May/4", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/166965/SAP-NetWeaver-Java-Denial-Of-Service.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS for Java (Http Service)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send multiple HTTP requests with different method types thereby crashing the filter and making the HTTP server unavailable to other legitimate users leading to denial of service vulnerability.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-04T23:06:09", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/3056652", }, { name: "20220504 Onapsis Security Advisory 2022-0002: Denial of Service in SAP NetWeaver JAVA", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2022/May/4", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/166965/SAP-NetWeaver-Java-Denial-Of-Service.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2021-33670", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS for Java (Http Service)", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send multiple HTTP requests with different method types thereby crashing the filter and making the HTTP server unavailable to other legitimate users leading to denial of service vulnerability.", }, ], }, impact: { cvss: { baseScore: "7.5", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, { name: "https://launchpad.support.sap.com/#/notes/3056652", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/3056652", }, { name: "20220504 Onapsis Security Advisory 2022-0002: Denial of Service in SAP NetWeaver JAVA", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2022/May/4", }, { name: "http://packetstormsecurity.com/files/166965/SAP-NetWeaver-Java-Denial-Of-Service.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/166965/SAP-NetWeaver-Java-Denial-Of-Service.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2021-33670", datePublished: "2021-07-14T11:04:11", dateReserved: "2021-05-28T00:00:00", dateUpdated: "2024-08-03T23:58:22.541Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-42480
Vulnerability from cvelistv5
Published
2023-11-14 01:02
Modified
2024-09-03 14:27
Severity ?
EPSS score ?
Summary
The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | NetWeaver AS Java |
Version: 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T19:23:39.380Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://me.sap.com/notes/3366410", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-42480", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-03T14:27:17.759063Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-03T14:27:52.474Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NetWeaver AS Java", vendor: "SAP_SE", versions: [ { status: "affected", version: "7.50", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability.</p>", }, ], value: "The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-307", description: "CWE-307: Improper Restriction of Excessive Authentication Attempts", lang: "eng", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-14T01:02:56.929Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3366410", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, title: "Information Disclosure in NetWeaver AS Java Logon", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2023-42480", datePublished: "2023-11-14T01:02:56.929Z", dateReserved: "2023-09-11T07:15:13.775Z", dateUpdated: "2024-09-03T14:27:52.474Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-7717
Vulnerability from cvelistv5
Published
2017-04-14 18:00
Modified
2024-08-05 16:12
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/100168 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/95364 | vdb-entry, x_refsource_BID | |
| https://erpscan.io/advisories/erpscan-17-003-sap-netweaver-7-4-getuseruddielements-sql-injection/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T16:12:27.927Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "100168", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/100168", }, { name: "95364", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/95364", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-17-003-sap-netweaver-7-4-getuseruddielements-sql-injection/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-01-10T00:00:00", descriptions: [ { lang: "en", value: "SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-10T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "100168", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/100168", }, { name: "95364", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/95364", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-17-003-sap-netweaver-7-4-getuseruddielements-sql-injection/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-7717", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "100168", refsource: "BID", url: "http://www.securityfocus.com/bid/100168", }, { name: "95364", refsource: "BID", url: "http://www.securityfocus.com/bid/95364", }, { name: "https://erpscan.io/advisories/erpscan-17-003-sap-netweaver-7-4-getuseruddielements-sql-injection/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-17-003-sap-netweaver-7-4-getuseruddielements-sql-injection/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-7717", datePublished: "2017-04-14T18:00:00", dateReserved: "2017-04-12T00:00:00", dateUpdated: "2024-08-05T16:12:27.927Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-40309
Vulnerability from cvelistv5
Published
2023-09-12 02:21
Modified
2024-09-28 22:10
Severity ?
EPSS score ?
Summary
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP_SE | SAP CommonCryptoLib |
Version: 8 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T18:31:53.172Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://me.sap.com/notes/3340576", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-40309", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-26T14:26:09.938156Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-26T14:26:24.862Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP CommonCryptoLib", vendor: "SAP_SE", versions: [ { status: "affected", version: "8", }, ], }, { defaultStatus: "unaffected", product: "SAP NetWeaver AS ABAP, SAP NetWeaver AS Java and ABAP Platform of S/4HANA on-premise", vendor: "SAP_SE", versions: [ { status: "affected", version: "KERNEL 7.22", }, { status: "affected", version: "KERNEL 7.53", }, { status: "affected", version: "KERNEL 7.54", }, { status: "affected", version: "KERNEL 7.77", }, { status: "affected", version: "KERNEL 7.85", }, { status: "affected", version: "KERNEL 7.89", }, { status: "affected", version: "KERNEL 7.91", }, { status: "affected", version: "KERNEL 7.92", }, { status: "affected", version: "KERNEL 7.93", }, { status: "affected", version: "KERNEL 8.04", }, { status: "affected", version: "KERNEL64UC 7.22", }, { status: "affected", version: "KERNEL64UC 7.22EXT", }, { status: "affected", version: "KERNEL64UC 7.53", }, { status: "affected", version: "KERNEL64UC 8.04", }, { status: "affected", version: "KERNEL64NUC 7.22", }, { status: "affected", version: "KERNEL64NUC 7.22EXT", }, ], }, { defaultStatus: "unaffected", product: "SAP Web Dispatcher", vendor: "SAP_SE", versions: [ { status: "affected", version: "7.22EXT", }, { status: "affected", version: "7.53", }, { status: "affected", version: "7.54", }, { status: "affected", version: "7.77", }, { status: "affected", version: "7.85", }, { status: "affected", version: "7.89", }, ], }, { defaultStatus: "unaffected", product: "SAP Content Server", vendor: "SAP_SE", versions: [ { status: "affected", version: "6.50", }, { status: "affected", version: "7.53", }, { status: "affected", version: "7.54", }, ], }, { defaultStatus: "unaffected", product: "SAP HANA Database", vendor: "SAP_SE", versions: [ { status: "affected", version: "2.00", }, ], }, { defaultStatus: "unaffected", product: "SAP Host Agent", vendor: "SAP_SE", versions: [ { status: "affected", version: "722", }, ], }, { defaultStatus: "unaffected", product: "SAP Extended Application Services and Runtime (XSA)", vendor: "SAP_SE", versions: [ { status: "affected", version: "SAP_EXTENDED_APP_SERVICES 1", }, { status: "affected", version: "XS_ADVANCED_RUNTIME 1.00", }, ], }, { defaultStatus: "unaffected", product: "SAPSSOEXT", vendor: "SAP_SE", versions: [ { status: "affected", version: "17", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.</p>", }, ], value: "SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-863", description: "CWE-863: Incorrect Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-28T22:10:46.845Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3340576", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, title: "Missing Authorization check in SAP CommonCryptoLib", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2023-40309", datePublished: "2023-09-12T02:21:19.058Z", dateReserved: "2023-08-14T07:36:04.796Z", dateUpdated: "2024-09-28T22:10:46.845Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27601
Vulnerability from cvelistv5
Published
2021-04-13 18:43
Modified
2024-08-03 21:26
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS Java (Applications based on HTMLB for Java) allows a basic-level authorized attacker to store a malicious file on the server. When a victim tries to open this file, it results in a Cross-Site Scripting (XSS) vulnerability and the attacker can read and modify data. However, the attacker does not have control over kind or degree.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2963592 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS for Java (Applications based on HTMLB for Java) |
Version: EP-BASIS 7.10, 7.11, 7.30, 7.31, 7.40, 7.50 Version: FRAMEWORK-EXT 7.30, 7.31, 7.40, 7.50 Version: FRAMEWORK 7.10, 7.11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:26:10.336Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2963592", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS for Java (Applications based on HTMLB for Java)", vendor: "SAP SE", versions: [ { status: "affected", version: "EP-BASIS 7.10, 7.11, 7.30, 7.31, 7.40, 7.50", }, { status: "affected", version: "FRAMEWORK-EXT 7.30, 7.31, 7.40, 7.50", }, { status: "affected", version: "FRAMEWORK 7.10, 7.11", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver AS Java (Applications based on HTMLB for Java) allows a basic-level authorized attacker to store a malicious file on the server. When a victim tries to open this file, it results in a Cross-Site Scripting (XSS) vulnerability and the attacker can read and modify data. However, the attacker does not have control over kind or degree.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Cross Site Scripting", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-13T18:43:53", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2963592", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2021-27601", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS for Java (Applications based on HTMLB for Java)", version: { version_data: [ { version_name: "EP-BASIS", version_value: "7.10, 7.11, 7.30, 7.31, 7.40, 7.50", }, { version_name: "FRAMEWORK-EXT", version_value: "7.30, 7.31, 7.40, 7.50", }, { version_name: "FRAMEWORK", version_value: "7.10, 7.11", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS Java (Applications based on HTMLB for Java) allows a basic-level authorized attacker to store a malicious file on the server. When a victim tries to open this file, it results in a Cross-Site Scripting (XSS) vulnerability and the attacker can read and modify data. However, the attacker does not have control over kind or degree.", }, ], }, impact: { cvss: { baseScore: "5.4", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Cross Site Scripting", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { name: "https://launchpad.support.sap.com/#/notes/2963592", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2963592", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2021-27601", datePublished: "2021-04-13T18:43:53", dateReserved: "2021-02-23T00:00:00", dateUpdated: "2024-08-03T21:26:10.336Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26816
Vulnerability from cvelistv5
Published
2020-12-09 16:28
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. This enables an attacker who has administrator access to the SAP NetWeaver AS Java to decode the keys because of missing encryption and get some application data and client credentials of adjacent systems. This highly impacts Confidentiality as information disclosed could contain client credentials of adjacent systems.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/2971163 | x_refsource_MISC | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS JAVA (Key Storage Service) |
Version: < 7.10 Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.694Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2971163", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS JAVA (Key Storage Service)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. This enables an attacker who has administrator access to the SAP NetWeaver AS Java to decode the keys because of missing encryption and get some application data and client credentials of adjacent systems. This highly impacts Confidentiality as information disclosed could contain client credentials of adjacent systems.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Missing Encryption", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-09T16:28:11", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2971163", }, { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-26816", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS JAVA (Key Storage Service)", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. This enables an attacker who has administrator access to the SAP NetWeaver AS Java to decode the keys because of missing encryption and get some application data and client credentials of adjacent systems. This highly impacts Confidentiality as information disclosed could contain client credentials of adjacent systems.", }, ], }, impact: { cvss: { baseScore: "5.4", vectorString: "CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Missing Encryption", }, ], }, ], }, references: { reference_data: [ { name: "https://launchpad.support.sap.com/#/notes/2971163", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2971163", }, { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-26816", datePublished: "2020-12-09T16:28:11", dateReserved: "2020-10-07T00:00:00", dateUpdated: "2024-08-04T16:03:22.694Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37535
Vulnerability from cvelistv5
Published
2021-09-14 11:21
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
SAP NetWeaver Application Server Java (JMS Connector Service) - versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for user privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3078609 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver Application Server Java (JMS Connector Service) |
Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.156Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3078609", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver Application Server Java (JMS Connector Service)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server Java (JMS Connector Service) - versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for user privileges.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Missing Authorization Check", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-14T11:21:27", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/3078609", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2021-37535", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver Application Server Java (JMS Connector Service)", version: { version_data: [ { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver Application Server Java (JMS Connector Service) - versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for user privileges.", }, ], }, impact: { cvss: { baseScore: "10.0", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Missing Authorization Check", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405", }, { name: "https://launchpad.support.sap.com/#/notes/3078609", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/3078609", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2021-37535", datePublished: "2021-09-14T11:21:27", dateReserved: "2021-07-26T00:00:00", dateUpdated: "2024-08-04T01:23:01.156Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-21485
Vulnerability from cvelistv5
Published
2021-04-13 18:44
Modified
2024-08-03 18:16
Severity ?
EPSS score ?
Summary
An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the attacker to gain NTLM hashes of a privileged user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3001824 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS for JAVA (Telnet Commands) |
Version: ENGINEAPI 7.30, 7.31, 7.40, 7.50 Version: ESP_FRAMEWORK 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 Version: SERVERCORE 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 Version: J2EE-FRMW 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:16:22.530Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3001824", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS for JAVA (Telnet Commands)", vendor: "SAP SE", versions: [ { status: "affected", version: "ENGINEAPI 7.30, 7.31, 7.40, 7.50", }, { status: "affected", version: "ESP_FRAMEWORK 7.10, 7.20, 7.30, 7.31, 7.40, 7.50", }, { status: "affected", version: "SERVERCORE 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50", }, { status: "affected", version: "J2EE-FRMW 7.10, 7.20, 7.30, 7.31, 7.40, 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the attacker to gain NTLM hashes of a privileged user.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-13T18:44:47", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/3001824", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2021-21485", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS for JAVA (Telnet Commands)", version: { version_data: [ { version_name: "ENGINEAPI", version_value: "7.30, 7.31, 7.40, 7.50", }, { version_name: "ESP_FRAMEWORK", version_value: "7.10, 7.20, 7.30, 7.31, 7.40, 7.50", }, { version_name: "SERVERCORE", version_value: "7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50", }, { version_name: "J2EE-FRMW", version_value: "7.10, 7.20, 7.30, 7.31, 7.40, 7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the attacker to gain NTLM hashes of a privileged user.", }, ], }, impact: { cvss: { baseScore: "7.4", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { name: "https://launchpad.support.sap.com/#/notes/3001824", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/3001824", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2021-21485", datePublished: "2021-04-13T18:44:47", dateReserved: "2020-12-30T00:00:00", dateUpdated: "2024-08-03T18:16:22.530Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-22127
Vulnerability from cvelistv5
Published
2024-03-12 00:29
Modified
2024-09-26 18:27
Severity ?
EPSS score ?
Summary
SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload potentially dangerous files which leads to command injection vulnerability. This would enable the attacker to run commands which can cause high impact on confidentiality, integrity and availability of the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP NetWeaver AS Java (Administrator Log Viewer plug-in) |
Version: 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T22:35:34.821Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://me.sap.com/notes/3433192", }, { tags: [ "x_transferred", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "netweaver", vendor: "sap", versions: [ { status: "affected", version: "7.50", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-22127", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-03-16T04:00:36.516963Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-27T20:18:26.922Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP NetWeaver AS Java (Administrator Log Viewer plug-in)", vendor: "SAP_SE", versions: [ { status: "affected", version: "7.50", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload potentially dangerous files which leads to command injection vulnerability. This would enable the attacker to run commands which can cause high impact on confidentiality, integrity and availability of the application.</p>", }, ], value: "SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload potentially dangerous files which leads to command injection vulnerability. This would enable the attacker to run commands which can cause high impact on confidentiality, integrity and availability of the application.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-26T18:27:18.285Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3433192", }, { url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364", }, ], source: { discovery: "UNKNOWN", }, title: "Code Injection vulnerability in SAP NetWeaver AS Java (Administrator Log Viewer plug-in)", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2024-22127", datePublished: "2024-03-12T00:29:27.295Z", dateReserved: "2024-01-05T10:21:35.256Z", dateUpdated: "2024-09-26T18:27:18.285Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-3973
Vulnerability from cvelistv5
Published
2016-04-07 19:00
Modified
2024-08-06 00:10
Severity ?
EPSS score ?
Summary
The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, pressing "Add users", and doing a search, aka SAP Security Note 2255990.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/137579/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html | x_refsource_MISC | |
| https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/ | x_refsource_MISC | |
| https://erpscan.io/advisories/erpscan-16-016-sap-netweaver-7-4-information-disclosure-wd_chat/ | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2016/Jun/46 | mailing-list, x_refsource_FULLDISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:10:31.890Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/137579/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-16-016-sap-netweaver-7-4-information-disclosure-wd_chat/", }, { name: "20160621 [ERPSCAN-16-016] SAP NetWeaver Java AS WD_CHAT - Information disclosure vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2016/Jun/46", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-08T00:00:00", descriptions: [ { lang: "en", value: "The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, pressing \"Add users\", and doing a search, aka SAP Security Note 2255990.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-10T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/137579/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-16-016-sap-netweaver-7-4-information-disclosure-wd_chat/", }, { name: "20160621 [ERPSCAN-16-016] SAP NetWeaver Java AS WD_CHAT - Information disclosure vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2016/Jun/46", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-3973", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, pressing \"Add users\", and doing a search, aka SAP Security Note 2255990.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://packetstormsecurity.com/files/137579/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/137579/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html", }, { name: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", refsource: "MISC", url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { name: "https://erpscan.io/advisories/erpscan-16-016-sap-netweaver-7-4-information-disclosure-wd_chat/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-16-016-sap-netweaver-7-4-information-disclosure-wd_chat/", }, { name: "20160621 [ERPSCAN-16-016] SAP NetWeaver Java AS WD_CHAT - Information disclosure vulnerability", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2016/Jun/46", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-3973", datePublished: "2016-04-07T19:00:00", dateReserved: "2016-04-07T00:00:00", dateUpdated: "2024-08-06T00:10:31.890Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6319
Vulnerability from cvelistv5
Published
2020-10-15 01:52
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
SAP NetWeaver Application Server Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 allows an unauthenticated attacker to include JavaScript blocks in any web page or URL with different symbols which are otherwise not allowed. On successful exploitation an attacker can steal authentication information of the user, such as data relating to his or her current session and limitedly impact confidentiality and integrity of the application, leading to Reflected Cross Site Scripting.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2956398 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver Application Server Java |
Version: < 7.10 Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:55:22.263Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2956398", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver Application Server Java", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 allows an unauthenticated attacker to include JavaScript blocks in any web page or URL with different symbols which are otherwise not allowed. On successful exploitation an attacker can steal authentication information of the user, such as data relating to his or her current session and limitedly impact confidentiality and integrity of the application, leading to Reflected Cross Site Scripting.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Cross Site Scripting", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-15T01:52:28", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2956398", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-6319", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver Application Server Java", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver Application Server Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 allows an unauthenticated attacker to include JavaScript blocks in any web page or URL with different symbols which are otherwise not allowed. On successful exploitation an attacker can steal authentication information of the user, such as data relating to his or her current session and limitedly impact confidentiality and integrity of the application, leading to Reflected Cross Site Scripting.", }, ], }, impact: { cvss: { baseScore: "6.1", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Cross Site Scripting", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196", }, { name: "https://launchpad.support.sap.com/#/notes/2956398", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2956398", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-6319", datePublished: "2020-10-15T01:52:28", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T08:55:22.263Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6202
Vulnerability from cvelistv5
Published
2020-03-10 20:19
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
SAP NetWeaver Application Server Java (User Management Engine), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; does not sufficiently validate the LDAP data source configuration XML document accepted from an untrusted source, leading to Missing XML Validation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2847787 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver Application Server Java (User Management Engine) |
Version: < 7.10 Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:55:21.913Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2847787", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver Application Server Java (User Management Engine)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server Java (User Management Engine), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; does not sufficiently validate the LDAP data source configuration XML document accepted from an untrusted source, leading to Missing XML Validation.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Missing XML Validation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-10T20:19:23", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2847787", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-6202", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver Application Server Java (User Management Engine)", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver Application Server Java (User Management Engine), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; does not sufficiently validate the LDAP data source configuration XML document accepted from an untrusted source, leading to Missing XML Validation.", }, ], }, impact: { cvss: { baseScore: "5.5", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Missing XML Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305", }, { name: "https://launchpad.support.sap.com/#/notes/2847787", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2847787", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-6202", datePublished: "2020-03-10T20:19:23", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T08:55:21.913Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-8913
Vulnerability from cvelistv5
Published
2017-05-23 03:56
Modified
2024-08-05 16:48
Severity ?
EPSS score ?
Summary
The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T16:48:22.822Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-17-007-sap-netweaver-java-7-5-xxe-visual-composer-vc70runtime/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-february-2017/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-02-14T00:00:00", descriptions: [ { lang: "en", value: "The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-10T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-17-007-sap-netweaver-java-7-5-xxe-visual-composer-vc70runtime/", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-february-2017/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-8913", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://erpscan.io/advisories/erpscan-17-007-sap-netweaver-java-7-5-xxe-visual-composer-vc70runtime/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-17-007-sap-netweaver-java-7-5-xxe-visual-composer-vc70runtime/", }, { name: "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-february-2017/", refsource: "MISC", url: "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-february-2017/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-8913", datePublished: "2017-05-23T03:56:00", dateReserved: "2017-05-12T00:00:00", dateUpdated: "2024-08-05T16:48:22.822Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6309
Vulnerability from cvelistv5
Published
2020-08-12 13:51
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2941315 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver AS JAVA (ENGINEAPI) |
Version: < 7.10 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:55:22.249Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2941315", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS JAVA (ENGINEAPI)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, ], }, { product: "SAP NetWeaver AS JAVA (WSRM)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, { product: "SAP NetWeaver AS JAVA (J2EE-FRMW)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.11", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Missing Authentication check", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-12T13:51:59", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2941315", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-6309", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS JAVA (ENGINEAPI)", version: { version_data: [ { version_name: "<", version_value: "7.10", }, ], }, }, { product_name: "SAP NetWeaver AS JAVA (WSRM)", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, { product_name: "SAP NetWeaver AS JAVA (J2EE-FRMW)", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.", }, ], }, impact: { cvss: { baseScore: "7.5", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Missing Authentication check", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345", }, { name: "https://launchpad.support.sap.com/#/notes/2941315", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2941315", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-6309", datePublished: "2020-08-12T13:51:59", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T08:55:22.249Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-28164
Vulnerability from cvelistv5
Published
2024-06-11 02:18
Modified
2024-08-02 00:48
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS Java (CAF - Guided Procedures)
allows an unauthenticated user to access non-sensitive information about the
server which would otherwise be restricted causing low impact on
confidentiality of the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP NetWeaver AS Java |
Version: GP-CORE 7.5 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:sap:netweaver:7.50:*:*:*:java_as:*:*:*", ], defaultStatus: "unknown", product: "netweaver", vendor: "sap", versions: [ { status: "affected", version: "7.50", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-28164", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-28T15:00:57.290351Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-03T16:44:43.157Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T00:48:49.198Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://me.sap.com/notes/3425571", }, { tags: [ "x_transferred", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP NetWeaver AS Java", vendor: "SAP_SE", versions: [ { status: "affected", version: "GP-CORE 7.5", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "SAP NetWeaver AS Java (CAF - Guided Procedures)\nallows an unauthenticated user to access non-sensitive information about the\nserver which would otherwise be restricted causing low impact on\nconfidentiality of the application.", }, ], value: "SAP NetWeaver AS Java (CAF - Guided Procedures)\nallows an unauthenticated user to access non-sensitive information about the\nserver which would otherwise be restricted causing low impact on\nconfidentiality of the application.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-11T10:10:35.316Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3425571", }, { url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, ], source: { discovery: "UNKNOWN", }, title: "Information Disclosure vulnerability in SAP NetWeaver AS Java (Guided Procedures)", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2024-28164", datePublished: "2024-06-11T02:18:48.019Z", dateReserved: "2024-03-06T06:12:27.005Z", dateUpdated: "2024-08-02T00:48:49.198Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-9563
Vulnerability from cvelistv5
Published
2016-11-23 02:00
Modified
2025-02-07 14:17
Severity ?
EPSS score ?
Summary
BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/92419 | vdb-entry, x_refsource_BID | |
| https://erpscan.io/advisories/erpscan-16-034-sap-netweaver-java-xxe-vulnerability-bc-bmt-bpm-dsk-component/ | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2296909 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:50:38.662Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "92419", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92419", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-16-034-sap-netweaver-java-xxe-vulnerability-bc-bmt-bpm-dsk-component/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2296909", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2016-9563", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T14:10:22.640315Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-9563", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-611", description: "CWE-611 Improper Restriction of XML External Entity Reference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-07T14:17:38.899Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-11-22T00:00:00.000Z", descriptions: [ { lang: "en", value: "BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-10T14:32:44.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "92419", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92419", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-16-034-sap-netweaver-java-xxe-vulnerability-bc-bmt-bpm-dsk-component/", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2296909", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-9563", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "92419", refsource: "BID", url: "http://www.securityfocus.com/bid/92419", }, { name: "https://erpscan.io/advisories/erpscan-16-034-sap-netweaver-java-xxe-vulnerability-bc-bmt-bpm-dsk-component/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-16-034-sap-netweaver-java-xxe-vulnerability-bc-bmt-bpm-dsk-component/", }, { name: "https://launchpad.support.sap.com/#/notes/2296909", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2296909", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-9563", datePublished: "2016-11-23T02:00:00.000Z", dateReserved: "2016-11-22T00:00:00.000Z", dateUpdated: "2025-02-07T14:17:38.899Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0345
Vulnerability from cvelistv5
Published
2019-08-14 13:54
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP Management console, resulting in Server-Side Request Forgery.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2813811 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver Application Server for Java (Administrator System Overview) |
Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:44:16.475Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2813811", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver Application Server for Java (Administrator System Overview)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP Management console, resulting in Server-Side Request Forgery.", }, ], problemTypes: [ { descriptions: [ { description: "Server-Side Request Forgery", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-14T13:54:04", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2813811", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2019-0345", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver Application Server for Java (Administrator System Overview)", version: { version_data: [ { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP Management console, resulting in Server-Side Request Forgery.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Server-Side Request Forgery", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017", }, { name: "https://launchpad.support.sap.com/#/notes/2813811", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2813811", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2019-0345", datePublished: "2019-08-14T13:54:04", dateReserved: "2018-11-26T00:00:00", dateUpdated: "2024-08-04T17:44:16.475Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11457
Vulnerability from cvelistv5
Published
2017-07-25 18:00
Modified
2024-08-05 18:12
Severity ?
EPSS score ?
Summary
XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/97572 | vdb-entry, x_refsource_BID | |
| https://erpscan.io/advisories/erpscan-17-018-sap-netweaver-java-7-5-xxe-com-sap-km-cm-ice/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:12:39.968Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "97572", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/97572", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-17-018-sap-netweaver-java-7-5-xxe-com-sap-km-cm-ice/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-04-11T00:00:00", descriptions: [ { lang: "en", value: "XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-10T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "97572", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/97572", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-17-018-sap-netweaver-java-7-5-xxe-com-sap-km-cm-ice/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11457", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "97572", refsource: "BID", url: "http://www.securityfocus.com/bid/97572", }, { name: "https://erpscan.io/advisories/erpscan-17-018-sap-netweaver-java-7-5-xxe-com-sap-km-cm-ice/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-17-018-sap-netweaver-java-7-5-xxe-com-sap-km-cm-ice/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11457", datePublished: "2017-07-25T18:00:00", dateReserved: "2017-07-19T00:00:00", dateUpdated: "2024-08-05T18:12:39.968Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-2386
Vulnerability from cvelistv5
Published
2016-02-16 15:00
Modified
2025-02-04 21:05
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.
References
| ▼ | URL | Tags |
|---|---|---|
| https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/ | x_refsource_MISC | |
| http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/39840/ | exploit, x_refsource_EXPLOIT-DB | |
| https://github.com/vah13/SAP_exploit | x_refsource_MISC | |
| https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/ | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/43495/ | exploit, x_refsource_EXPLOIT-DB | |
| http://seclists.org/fulldisclosure/2016/May/56 | mailing-list, x_refsource_FULLDISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:24:49.308Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html", }, { name: "39840", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/39840/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/vah13/SAP_exploit", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/", }, { name: "43495", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/43495/", }, { name: "20160523 [ERPSCAN-16-011] SAP NetWeaver AS JAVA - SQL injection vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2016/May/56", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2016-2386", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T21:00:31.641195Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-06-09", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-2386", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-89", description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-04T21:05:08.280Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-02-10T00:00:00.000Z", descriptions: [ { lang: "en", value: "SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-10T17:57:01.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html", }, { name: "39840", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/39840/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/vah13/SAP_exploit", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/", }, { name: "43495", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/43495/", }, { name: "20160523 [ERPSCAN-16-011] SAP NetWeaver AS JAVA - SQL injection vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2016/May/56", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-2386", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/", }, { name: "http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html", }, { name: "39840", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/39840/", }, { name: "https://github.com/vah13/SAP_exploit", refsource: "MISC", url: "https://github.com/vah13/SAP_exploit", }, { name: "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/", refsource: "MISC", url: "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/", }, { name: "43495", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/43495/", }, { name: "20160523 [ERPSCAN-16-011] SAP NetWeaver AS JAVA - SQL injection vulnerability", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2016/May/56", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-2386", datePublished: "2016-02-16T15:00:00.000Z", dateReserved: "2016-02-16T00:00:00.000Z", dateUpdated: "2025-02-04T21:05:08.280Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22533
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 03:14
Severity ?
EPSS score ?
Summary
Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/3123427 | x_refsource_MISC | |
| https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver Application Server Java |
Version: KRNL64NUC 7.22 Version: 7.22EXT Version: 7.49 Version: KRNL64UC Version: 7.22 Version: 7.53 Version: KERNEL 7.22 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:14:55.480Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3123427", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver Application Server Java", vendor: "SAP SE", versions: [ { status: "affected", version: "KRNL64NUC 7.22", }, { status: "affected", version: "7.22EXT", }, { status: "affected", version: "7.49", }, { status: "affected", version: "KRNL64UC", }, { status: "affected", version: "7.22", }, { status: "affected", version: "7.53", }, { status: "affected", version: "KERNEL 7.22", }, ], }, ], descriptions: [ { lang: "en", value: "Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-24T15:17:11", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/3123427", }, { tags: [ "x_refsource_MISC", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2022-22533", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver Application Server Java", version: { version_data: [ { version_affected: "=", version_value: "KRNL64NUC 7.22", }, { version_affected: "=", version_value: "7.22EXT", }, { version_affected: "=", version_value: "7.49", }, { version_affected: "=", version_value: "KRNL64UC", }, { version_affected: "=", version_value: "7.22", }, { version_affected: "=", version_value: "7.22EXT", }, { version_affected: "=", version_value: "7.49", }, { version_affected: "=", version_value: "7.53", }, { version_affected: "=", version_value: "KERNEL 7.22", }, { version_affected: "=", version_value: "7.49", }, { version_affected: "=", version_value: "7.53", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.", }, ], }, impact: { cvss: { baseScore: "null", vectorString: "null", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-416", }, ], }, ], }, references: { reference_data: [ { name: "https://launchpad.support.sap.com/#/notes/3123427", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/3123427", }, { name: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", refsource: "MISC", url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-22533", datePublished: "2022-02-09T22:05:20", dateReserved: "2022-01-04T00:00:00", dateUpdated: "2024-08-03T03:14:55.480Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-3974
Vulnerability from cvelistv5
Published
2016-04-07 19:00
Modified
2024-08-06 00:10
Severity ?
EPSS score ?
Summary
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~webservice~web/ServerNodesWSService, aka SAP Security Note 2235994.
References
| ▼ | URL | Tags |
|---|---|---|
| https://erpscan.io/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe/ | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2016/Jun/41 | mailing-list, x_refsource_FULLDISC | |
| https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/ | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/39995/ | exploit, x_refsource_EXPLOIT-DB | |
| http://packetstormsecurity.com/files/137527/SAP-NetWeaver-AS-JAVA-7.5-XXE-Injection.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:10:31.957Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe/", }, { name: "20160618 [ERPSCAN-16-013] SAP NetWeaver AS Java ctcprotocol servlet - XXE vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2016/Jun/41", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { name: "39995", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/39995/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/137527/SAP-NetWeaver-AS-JAVA-7.5-XXE-Injection.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-08T00:00:00", descriptions: [ { lang: "en", value: "XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~webservice~web/ServerNodesWSService, aka SAP Security Note 2235994.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-10T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe/", }, { name: "20160618 [ERPSCAN-16-013] SAP NetWeaver AS Java ctcprotocol servlet - XXE vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2016/Jun/41", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { name: "39995", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/39995/", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/137527/SAP-NetWeaver-AS-JAVA-7.5-XXE-Injection.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-3974", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~webservice~web/ServerNodesWSService, aka SAP Security Note 2235994.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://erpscan.io/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe/", }, { name: "20160618 [ERPSCAN-16-013] SAP NetWeaver AS Java ctcprotocol servlet - XXE vulnerability", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2016/Jun/41", }, { name: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", refsource: "MISC", url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { name: "39995", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/39995/", }, { name: "http://packetstormsecurity.com/files/137527/SAP-NetWeaver-AS-JAVA-7.5-XXE-Injection.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/137527/SAP-NetWeaver-AS-JAVA-7.5-XXE-Injection.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-3974", datePublished: "2016-04-07T19:00:00", dateReserved: "2016-04-07T00:00:00", dateUpdated: "2024-08-06T00:10:31.957Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-3976
Vulnerability from cvelistv5
Published
2016-04-07 23:00
Modified
2025-02-04 21:05
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971.
References
| ▼ | URL | Tags |
|---|---|---|
| https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/ | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2016/Jun/40 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/137528/SAP-NetWeaver-AS-JAVA-7.5-Directory-Traversal.html | x_refsource_MISC | |
| https://erpscan.io/advisories/erpscan-16-012/ | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/39996/ | exploit, x_refsource_EXPLOIT-DB | |
| https://launchpad.support.sap.com/#/notes/2234971 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:10:31.979Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { name: "20160618 [ERPSCAN-16-012] SAP NetWeaver AS JAVA - directory traversal vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2016/Jun/40", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/137528/SAP-NetWeaver-AS-JAVA-7.5-Directory-Traversal.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-16-012/", }, { name: "39996", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/39996/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2234971", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2016-3976", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T20:58:34.261968Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-3976", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-04T21:05:07.499Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-08T00:00:00.000Z", descriptions: [ { lang: "en", value: "Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-10T14:42:21.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { name: "20160618 [ERPSCAN-16-012] SAP NetWeaver AS JAVA - directory traversal vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2016/Jun/40", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/137528/SAP-NetWeaver-AS-JAVA-7.5-Directory-Traversal.html", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-16-012/", }, { name: "39996", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/39996/", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2234971", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-3976", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", refsource: "MISC", url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { name: "20160618 [ERPSCAN-16-012] SAP NetWeaver AS JAVA - directory traversal vulnerability", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2016/Jun/40", }, { name: "http://packetstormsecurity.com/files/137528/SAP-NetWeaver-AS-JAVA-7.5-Directory-Traversal.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/137528/SAP-NetWeaver-AS-JAVA-7.5-Directory-Traversal.html", }, { name: "https://erpscan.io/advisories/erpscan-16-012/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-16-012/", }, { name: "39996", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/39996/", }, { name: "https://launchpad.support.sap.com/#/notes/2234971", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2234971", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-3976", datePublished: "2016-04-07T23:00:00.000Z", dateReserved: "2016-04-07T00:00:00.000Z", dateUpdated: "2025-02-04T21:05:07.499Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0389
Vulnerability from cvelistv5
Published
2019-11-13 21:58
Modified
2024-08-04 17:51
Severity ?
EPSS score ?
Summary
An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/2814357 | x_refsource_MISC | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver Application Server Java (J2EE-Framework) |
Version: < 7.1 Version: < 7.2 Version: < 7.3 Version: < 7.31 Version: < 7.4 Version: < 7.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:51:26.664Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2814357", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver Application Server Java (J2EE-Framework)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.1", }, { status: "affected", version: "< 7.2", }, { status: "affected", version: "< 7.3", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.4", }, { status: "affected", version: "< 7.5", }, ], }, ], descriptions: [ { lang: "en", value: "An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.", }, ], problemTypes: [ { descriptions: [ { description: "Other", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-13T21:58:44", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2814357", }, { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2019-0389", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver Application Server Java (J2EE-Framework)", version: { version_data: [ { version_name: "<", version_value: "7.1", }, { version_name: "<", version_value: "7.2", }, { version_name: "<", version_value: "7.3", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.4", }, { version_name: "<", version_value: "7.5", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Other", }, ], }, ], }, references: { reference_data: [ { name: "https://launchpad.support.sap.com/#/notes/2814357", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2814357", }, { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2019-0389", datePublished: "2019-11-13T21:58:44", dateReserved: "2018-11-26T00:00:00", dateUpdated: "2024-08-04T17:51:26.664Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6190
Vulnerability from cvelistv5
Published
2020-02-12 19:46
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
Certain vulnerable endpoints in SAP NetWeaver AS Java (Heap Dump Application), versions 7.30, 7.31, 7.40, 7.50, provide valuable information about the system like hostname, server node and installation path that could be misused by an attacker leading to Information Disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2838835 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS Java (Heap Dump Application) |
Version: = 7.30 Version: = 7.31 Version: = 7.40 Version: = 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:55:21.916Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2838835", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS Java (Heap Dump Application)", vendor: "SAP SE", versions: [ { status: "affected", version: "= 7.30", }, { status: "affected", version: "= 7.31", }, { status: "affected", version: "= 7.40", }, { status: "affected", version: "= 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "Certain vulnerable endpoints in SAP NetWeaver AS Java (Heap Dump Application), versions 7.30, 7.31, 7.40, 7.50, provide valuable information about the system like hostname, server node and installation path that could be misused by an attacker leading to Information Disclosure.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-12T19:46:01", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2838835", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-6190", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS Java (Heap Dump Application)", version: { version_data: [ { version_name: "=", version_value: "7.30", }, { version_name: "=", version_value: "7.31", }, { version_name: "=", version_value: "7.40", }, { version_name: "=", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain vulnerable endpoints in SAP NetWeaver AS Java (Heap Dump Application), versions 7.30, 7.31, 7.40, 7.50, provide valuable information about the system like hostname, server node and installation path that could be misused by an attacker leading to Information Disclosure.", }, ], }, impact: { cvss: { baseScore: "5.8", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812", }, { name: "https://launchpad.support.sap.com/#/notes/2838835", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2838835", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-6190", datePublished: "2020-02-12T19:46:01", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T08:55:21.916Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6224
Vulnerability from cvelistv5
Published
2020-04-14 18:31
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS Java (HTTP Service), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker with administrator privileges to access user sensitive data such as passwords in trace files, when the user logs in and sends request with login credentials, leading to Information Disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2826528 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS Java (HTTP Service) |
Version: < 7.10 Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:55:22.154Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2826528", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS Java (HTTP Service)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver AS Java (HTTP Service), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker with administrator privileges to access user sensitive data such as passwords in trace files, when the user logs in and sends request with login credentials, leading to Information Disclosure.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-14T18:31:46", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2826528", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-6224", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS Java (HTTP Service)", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS Java (HTTP Service), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker with administrator privileges to access user sensitive data such as passwords in trace files, when the user logs in and sends request with login credentials, leading to Information Disclosure.", }, ], }, impact: { cvss: { baseScore: "6.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202", }, { name: "https://launchpad.support.sap.com/#/notes/2826528", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2826528", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-6224", datePublished: "2020-04-14T18:31:46", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T08:55:22.154Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-21492
Vulnerability from cvelistv5
Published
2021-04-13 18:40
Modified
2024-08-03 18:16
Severity ?
EPSS score ?
Summary
SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate logon group in URLs, resulting in a content spoofing vulnerability when directory listing is enabled.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3025637 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS for JAVA (HTTP Service) |
Version: < 7.10 Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:16:22.651Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3025637", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS for JAVA (HTTP Service)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate logon group in URLs, resulting in a content spoofing vulnerability when directory listing is enabled.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-290", description: "Content Spoofing (CWE-290)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-13T18:40:20", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/3025637", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2021-21492", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS for JAVA (HTTP Service)", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate logon group in URLs, resulting in a content spoofing vulnerability when directory listing is enabled.", }, ], }, impact: { cvss: { baseScore: "4.3", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Content Spoofing (CWE-290)", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, { name: "https://launchpad.support.sap.com/#/notes/3025637", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/3025637", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2021-21492", datePublished: "2021-04-13T18:40:20", dateReserved: "2020-12-30T00:00:00", dateUpdated: "2024-08-03T18:16:22.651Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-14581
Vulnerability from cvelistv5
Published
2017-09-19 16:00
Modified
2024-08-05 19:34
Severity ?
EPSS score ?
Summary
The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181.
References
| ▼ | URL | Tags |
|---|---|---|
| https://erpscan.io/advisories/erpscan-17-030-sap-hostcontrol-remote-dos/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:34:38.525Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-17-030-sap-hostcontrol-remote-dos/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-06-13T00:00:00", descriptions: [ { lang: "en", value: "The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-10T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-17-030-sap-hostcontrol-remote-dos/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-14581", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://erpscan.io/advisories/erpscan-17-030-sap-hostcontrol-remote-dos/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-17-030-sap-hostcontrol-remote-dos/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-14581", datePublished: "2017-09-19T16:00:00", dateReserved: "2017-09-18T00:00:00", dateUpdated: "2024-08-05T19:34:38.525Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-9562
Vulnerability from cvelistv5
Published
2016-11-23 02:00
Modified
2024-08-06 02:50
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/92418 | vdb-entry, x_refsource_BID | |
| https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/ | x_refsource_MISC | |
| http://www.securityfocus.com/bid/95363 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:50:38.584Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "92418", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92418", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/", }, { name: "95363", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/95363", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-11-22T00:00:00", descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-10T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "92418", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92418", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/", }, { name: "95363", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/95363", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-9562", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "92418", refsource: "BID", url: "http://www.securityfocus.com/bid/92418", }, { name: "https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/", }, { name: "95363", refsource: "BID", url: "http://www.securityfocus.com/bid/95363", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-9562", datePublished: "2016-11-23T02:00:00", dateReserved: "2016-11-22T00:00:00", dateUpdated: "2024-08-06T02:50:38.584Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-3975
Vulnerability from cvelistv5
Published
2016-04-07 19:00
Modified
2024-08-06 00:10
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, aka SAP Security Note 2238375.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/137529/SAP-NetWeaver-AS-JAVA-7.5-Cross-Site-Scripting.html | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2016/Jun/42 | mailing-list, x_refsource_FULLDISC | |
| https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/ | x_refsource_MISC | |
| https://erpscan.io/advisories/erpscan-16-014-sap-netweaver-7-4-navigationurltester/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:10:31.931Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/137529/SAP-NetWeaver-AS-JAVA-7.5-Cross-Site-Scripting.html", }, { name: "20160618 [ERPSCAN-16-014] SAP NetWeaver AS Java NavigationURLTester - XSS vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2016/Jun/42", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-16-014-sap-netweaver-7-4-navigationurltester/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-08T00:00:00", descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, aka SAP Security Note 2238375.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-10T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/137529/SAP-NetWeaver-AS-JAVA-7.5-Cross-Site-Scripting.html", }, { name: "20160618 [ERPSCAN-16-014] SAP NetWeaver AS Java NavigationURLTester - XSS vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2016/Jun/42", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-16-014-sap-netweaver-7-4-navigationurltester/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-3975", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, aka SAP Security Note 2238375.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://packetstormsecurity.com/files/137529/SAP-NetWeaver-AS-JAVA-7.5-Cross-Site-Scripting.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/137529/SAP-NetWeaver-AS-JAVA-7.5-Cross-Site-Scripting.html", }, { name: "20160618 [ERPSCAN-16-014] SAP NetWeaver AS Java NavigationURLTester - XSS vulnerability", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2016/Jun/42", }, { name: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", refsource: "MISC", url: "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/", }, { name: "https://erpscan.io/advisories/erpscan-16-014-sap-netweaver-7-4-navigationurltester/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-16-014-sap-netweaver-7-4-navigationurltester/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-3975", datePublished: "2016-04-07T19:00:00", dateReserved: "2016-04-07T00:00:00", dateUpdated: "2024-08-06T00:10:31.931Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-33689
Vulnerability from cvelistv5
Published
2021-07-14 11:04
Modified
2024-08-03 23:58
Severity ?
EPSS score ?
Summary
When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version - 7.50, no security audit log is created. Therefore, security audit log Integrity is impacted.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3038594 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS JAVA (Administrator applications) |
Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:58:22.613Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3038594", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS JAVA (Administrator applications)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version - 7.50, no security audit log is created. Therefore, security audit log Integrity is impacted.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-778", description: "Insufficient Logging (CWE-778)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-14T11:04:38", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/3038594", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2021-33689", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS JAVA (Administrator applications)", version: { version_data: [ { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version - 7.50, no security audit log is created. Therefore, security audit log Integrity is impacted.", }, ], }, impact: { cvss: { baseScore: "3.5", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient Logging (CWE-778)", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, { name: "https://launchpad.support.sap.com/#/notes/3038594", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/3038594", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2021-33689", datePublished: "2021-07-14T11:04:38", dateReserved: "2021-05-28T00:00:00", dateUpdated: "2024-08-03T23:58:22.613Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26826
Vulnerability from cvelistv5
Published
2020-12-09 16:30
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2974330 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS JAVA |
Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.433Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2974330", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS JAVA", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Unrestricted File Upload", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-09T16:30:35", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2974330", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-26826", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS JAVA", version: { version_data: [ { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload.", }, ], }, impact: { cvss: { baseScore: "6.5", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Unrestricted File Upload", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { name: "https://launchpad.support.sap.com/#/notes/2974330", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2974330", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-26826", datePublished: "2020-12-09T16:30:35", dateReserved: "2020-10-07T00:00:00", dateUpdated: "2024-08-04T16:03:22.433Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6287
Vulnerability from cvelistv5
Published
2020-07-14 12:30
Modified
2025-01-29 20:19
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2934135 | x_refsource_MISC | |
| https://www.onapsis.com/recon-sap-cyber-security-vulnerability | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2021/Apr/6 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/162085/SAP-JAVA-Configuration-Task-Execution.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS JAVA (LM Configuration Wizard) |
Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:55:22.221Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2934135", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.onapsis.com/recon-sap-cyber-security-vulnerability", }, { name: "20210405 Onapsis Security Advisory 2021-0003: [CVE-2020-6287] - [SAP RECON] SAP JAVA: Unauthenticated execution of configuration tasks", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/Apr/6", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/162085/SAP-JAVA-Configuration-Task-Execution.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-6287", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-29T20:18:25.859573Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-6287", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-306", description: "CWE-306 Missing Authentication for Critical Function", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-29T20:19:16.967Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "SAP NetWeaver AS JAVA (LM Configuration Wizard)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Missing Authentication Check", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-06T15:06:15.000Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2934135", }, { tags: [ "x_refsource_MISC", ], url: "https://www.onapsis.com/recon-sap-cyber-security-vulnerability", }, { name: "20210405 Onapsis Security Advisory 2021-0003: [CVE-2020-6287] - [SAP RECON] SAP JAVA: Unauthenticated execution of configuration tasks", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2021/Apr/6", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/162085/SAP-JAVA-Configuration-Task-Execution.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-6287", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS JAVA (LM Configuration Wizard)", version: { version_data: [ { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.", }, ], }, impact: { cvss: { baseScore: "10.0", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Missing Authentication Check", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { name: "https://launchpad.support.sap.com/#/notes/2934135", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2934135", }, { name: "https://www.onapsis.com/recon-sap-cyber-security-vulnerability", refsource: "MISC", url: "https://www.onapsis.com/recon-sap-cyber-security-vulnerability", }, { name: "20210405 Onapsis Security Advisory 2021-0003: [CVE-2020-6287] - [SAP RECON] SAP JAVA: Unauthenticated execution of configuration tasks", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2021/Apr/6", }, { name: "http://packetstormsecurity.com/files/162085/SAP-JAVA-Configuration-Task-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/162085/SAP-JAVA-Configuration-Task-Execution.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-6287", datePublished: "2020-07-14T12:30:14.000Z", dateReserved: "2020-01-08T00:00:00.000Z", dateUpdated: "2025-01-29T20:19:16.967Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-33687
Vulnerability from cvelistv5
Published
2021-07-14 11:05
Modified
2024-08-03 23:58
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 reveals sensitive information in one of their HTTP requests, an attacker can use this in conjunction with other attacks such as XSS to steal this information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3059764 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2021/Oct/32 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/164600/SAP-Enterprise-Portal-Sensitive-Data-Disclosure.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS JAVA (Enterprise Portal) |
Version: < 7.10 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:58:22.359Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3059764", }, { name: "20211022 Onapsis Security Advisory 2021-0020: SAP Enterprise Portal - Exposed sensitive data in html body", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/Oct/32", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/164600/SAP-Enterprise-Portal-Sensitive-Data-Disclosure.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS JAVA (Enterprise Portal)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 reveals sensitive information in one of their HTTP requests, an attacker can use this in conjunction with other attacks such as XSS to steal this information.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-22T17:07:16", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/3059764", }, { name: "20211022 Onapsis Security Advisory 2021-0020: SAP Enterprise Portal - Exposed sensitive data in html body", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2021/Oct/32", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/164600/SAP-Enterprise-Portal-Sensitive-Data-Disclosure.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2021-33687", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS JAVA (Enterprise Portal)", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 reveals sensitive information in one of their HTTP requests, an attacker can use this in conjunction with other attacks such as XSS to steal this information.", }, ], }, impact: { cvss: { baseScore: "4.5", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506", }, { name: "https://launchpad.support.sap.com/#/notes/3059764", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/3059764", }, { name: "20211022 Onapsis Security Advisory 2021-0020: SAP Enterprise Portal - Exposed sensitive data in html body", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2021/Oct/32", }, { name: "http://packetstormsecurity.com/files/164600/SAP-Enterprise-Portal-Sensitive-Data-Disclosure.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/164600/SAP-Enterprise-Portal-Sensitive-Data-Disclosure.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2021-33687", datePublished: "2021-07-14T11:05:00", dateReserved: "2021-05-28T00:00:00", dateUpdated: "2024-08-03T23:58:22.359Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-34688
Vulnerability from cvelistv5
Published
2024-06-11 02:02
Modified
2024-08-02 02:59
Severity ?
EPSS score ?
Summary
Due to unrestricted access to the Meta Model
Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks
on the application, which may prevent legitimate users from accessing it. This
can result in no impact on confidentiality and integrity but a high impact on
the availability of the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP NetWeaver AS Java |
Version: MMR_SERVER 7.5 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:sap:netweaver:7.50:*:*:*:java_as:*:*:*", ], defaultStatus: "unknown", product: "netweaver", vendor: "sap", versions: [ { status: "affected", version: "7.50", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-34688", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-11T13:36:48.543897Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-11T13:40:34.530Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T02:59:22.017Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://me.sap.com/notes/3460407", }, { tags: [ "x_transferred", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP NetWeaver AS Java", vendor: "SAP_SE", versions: [ { status: "affected", version: "MMR_SERVER 7.5", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Due to unrestricted access to the Meta Model\nRepository services in SAP NetWeaver AS Java, attackers can perform DoS attacks\non the application, which may prevent legitimate users from accessing it. This\ncan result in no impact on confidentiality and integrity but a high impact on\nthe availability of the application.", }, ], value: "Due to unrestricted access to the Meta Model\nRepository services in SAP NetWeaver AS Java, attackers can perform DoS attacks\non the application, which may prevent legitimate users from accessing it. This\ncan result in no impact on confidentiality and integrity but a high impact on\nthe availability of the application.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-11T10:12:32.680Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3460407", }, { url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, ], source: { discovery: "UNKNOWN", }, title: "Denial of service (DOS) in SAP NetWeaver AS Java (Meta Model Repository)", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2024-34688", datePublished: "2024-06-11T02:02:21.587Z", dateReserved: "2024-05-07T05:46:11.658Z", dateUpdated: "2024-08-02T02:59:22.017Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-2388
Vulnerability from cvelistv5
Published
2016-02-16 15:00
Modified
2025-02-04 21:05
Severity ?
EPSS score ?
Summary
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2016/May/55 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/137128/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html | x_refsource_MISC | |
| https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/ | x_refsource_MISC | |
| https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/ | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/39841/ | exploit, x_refsource_EXPLOIT-DB | |
| https://www.exploit-db.com/exploits/43495/ | exploit, x_refsource_EXPLOIT-DB | |
| http://packetstormsecurity.com/files/145860/SAP-NetWeaver-J2EE-Engine-7.40-SQL-Injection.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:24:49.339Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20160523 [ERPSCAN-16-010] SAP NetWeaver AS JAVA - information disclosure vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2016/May/55", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/137128/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/", }, { name: "39841", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/39841/", }, { name: "43495", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/43495/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/145860/SAP-NetWeaver-J2EE-Engine-7.40-SQL-Injection.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2016-2388", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T20:59:47.982679Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-06-09", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-2388", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-04T21:05:07.953Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-02-10T00:00:00.000Z", descriptions: [ { lang: "en", value: "The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-27T13:14:53.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20160523 [ERPSCAN-16-010] SAP NetWeaver AS JAVA - information disclosure vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2016/May/55", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/137128/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/", }, { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/", }, { name: "39841", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/39841/", }, { name: "43495", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/43495/", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/145860/SAP-NetWeaver-J2EE-Engine-7.40-SQL-Injection.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-2388", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20160523 [ERPSCAN-16-010] SAP NetWeaver AS JAVA - information disclosure vulnerability", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2016/May/55", }, { name: "http://packetstormsecurity.com/files/137128/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/137128/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html", }, { name: "https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/", }, { name: "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/", refsource: "MISC", url: "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/", }, { name: "39841", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/39841/", }, { name: "43495", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/43495/", }, { name: "http://packetstormsecurity.com/files/145860/SAP-NetWeaver-J2EE-Engine-7.40-SQL-Injection.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/145860/SAP-NetWeaver-J2EE-Engine-7.40-SQL-Injection.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-2388", datePublished: "2016-02-16T15:00:00.000Z", dateReserved: "2016-02-16T00:00:00.000Z", dateUpdated: "2025-02-04T21:05:07.953Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6286
Vulnerability from cvelistv5
Published
2020-07-14 12:30
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2934135 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS JAVA (LM Configuration Wizard) |
Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:55:22.280Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2934135", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS JAVA (LM Configuration Wizard)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Path Traversal", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-14T12:30:14", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2934135", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-6286", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS JAVA (LM Configuration Wizard)", version: { version_data: [ { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal.", }, ], }, impact: { cvss: { baseScore: "5.3", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Path Traversal", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675", }, { name: "https://launchpad.support.sap.com/#/notes/2934135", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2934135", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-6286", datePublished: "2020-07-14T12:30:14", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T08:55:22.280Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-40308
Vulnerability from cvelistv5
Published
2023-09-12 01:21
Modified
2024-09-26 18:22
Severity ?
EPSS score ?
Summary
SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP_SE | SAP CommonCryptoLib |
Version: 8 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T18:31:53.082Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://me.sap.com/notes/3327896", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-40308", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-26T14:46:05.348783Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-26T14:46:15.846Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP CommonCryptoLib", vendor: "SAP_SE", versions: [ { status: "affected", version: "8", }, ], }, { defaultStatus: "unaffected", packageName: "KERNEL", product: "SAP NetWeaver AS ABAP, SAP NetWeaver AS Java and ABAP Platform of S/4HANA on-premise", vendor: "SAP_SE", versions: [ { status: "affected", version: "KERNEL 7.22", }, { status: "affected", version: "KERNEL 7.53", }, { status: "affected", version: "KERNEL 7.54", }, { status: "affected", version: "KERNEL 7.77", }, { status: "affected", version: "KERNEL 7.85", }, { status: "affected", version: "KERNEL 7.89", }, { status: "affected", version: "KERNEL 7.91", }, { status: "affected", version: "KERNEL 7.92", }, { status: "affected", version: "KERNEL 7.93", }, { status: "affected", version: "KERNEL 8.04", }, { status: "affected", version: "KERNEL64UC 7.22", }, { status: "affected", version: "KERNEL64UC 7.22EXT", }, { status: "affected", version: "KERNEL64UC 7.53", }, { status: "affected", version: "KERNEL64UC 8.04", }, { status: "affected", version: "KERNEL64NUC 7.22", }, { status: "affected", version: "KERNEL64NUC 7.22EXT", }, ], }, { defaultStatus: "unaffected", product: "SAP Web Dispatcher", vendor: "SAP_SE", versions: [ { status: "affected", version: "7.22EXT", }, { status: "affected", version: "7.53", }, { status: "affected", version: "7.54", }, { status: "affected", version: "7.77", }, { status: "affected", version: "7.85", }, { status: "affected", version: "7.89", }, ], }, { defaultStatus: "unaffected", product: "SAP Content Server", vendor: "SAP_SE", versions: [ { status: "affected", version: "6.50", }, { status: "affected", version: "7.53", }, { status: "affected", version: "7.54", }, ], }, { defaultStatus: "unaffected", product: "SAP HANA Database", vendor: "SAP_SE", versions: [ { status: "affected", version: "2.00", }, ], }, { defaultStatus: "unaffected", product: "SAP Host Agent", vendor: "SAP_SE", versions: [ { status: "affected", version: "722", }, ], }, { defaultStatus: "unaffected", product: "SAP Extended Application Services and Runtime (XSA)", vendor: "SAP_SE", versions: [ { status: "affected", version: "SAP_EXTENDED_APP_SERVICES 1", }, { status: "affected", version: "XS_ADVANCED_RUNTIME 1.00", }, ], }, { defaultStatus: "unaffected", product: "SAPSSOEXT", vendor: "SAP_SE", versions: [ { status: "affected", version: "17", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.</p>", }, ], value: "SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-26T18:22:53.534Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3327896", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, title: "Memory Corruption vulnerability in SAP CommonCryptoLib", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2023-40308", datePublished: "2023-09-12T01:21:15.083Z", dateReserved: "2023-08-14T07:36:04.796Z", dateUpdated: "2024-09-26T18:22:53.534Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-24526
Vulnerability from cvelistv5
Published
2023-03-14 04:38
Modified
2025-02-27 18:15
Severity ?
EPSS score ?
Summary
SAP NetWeaver Application Server Java for Classload Service - version 7.50, does not perform any authentication checks for functionalities that require user identity, resulting in escalation of privileges. This failure has a low impact on confidentiality of the data such that an unassigned user can read non-sensitive server data.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | NetWeaver AS Java for Classload Service |
Version: 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:56:04.231Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3288394", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-24526", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-27T18:15:07.010957Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T18:15:15.151Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NetWeaver AS Java for Classload Service", vendor: "SAP", versions: [ { status: "affected", version: "7.50", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SAP NetWeaver Application Server Java for Classload Service - version 7.50, does not perform any authentication checks for functionalities that require user identity, resulting in escalation of privileges. This failure has a low impact on confidentiality of the data such that an unassigned user can read non-sensitive server data.</p>", }, ], value: "SAP NetWeaver Application Server Java for Classload Service - version 7.50, does not perform any authentication checks for functionalities that require user identity, resulting in escalation of privileges. This failure has a low impact on confidentiality of the data such that an unassigned user can read non-sensitive server data.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-306", description: "CWE-306: Missing Authentication for Critical Function", lang: "eng", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-11T21:25:36.326Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3288394", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, title: "Improper Access Control in SAP NetWeaver AS Java (Classload Service)", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2023-24526", datePublished: "2023-03-14T04:38:03.702Z", dateReserved: "2023-01-25T15:46:55.581Z", dateUpdated: "2025-02-27T18:15:15.151Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-10304
Vulnerability from cvelistv5
Published
2017-04-10 14:00
Modified
2024-08-06 03:14
Severity ?
EPSS score ?
Summary
The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T03:14:42.980Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-16-029-sap-netweaver-java-7-5-deserialization-untrusted-user-value-trustmanagementservlet/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-12-07T00:00:00", descriptions: [ { lang: "en", value: "The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-10T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-16-029-sap-netweaver-java-7-5-deserialization-untrusted-user-value-trustmanagementservlet/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-10304", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://erpscan.io/advisories/erpscan-16-029-sap-netweaver-java-7-5-deserialization-untrusted-user-value-trustmanagementservlet/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-16-029-sap-netweaver-java-7-5-deserialization-untrusted-user-value-trustmanagementservlet/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-10304", datePublished: "2017-04-10T14:00:00", dateReserved: "2017-03-29T00:00:00", dateUpdated: "2024-08-06T03:14:42.980Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-22126
Vulnerability from cvelistv5
Published
2024-02-13 01:58
Modified
2025-02-11 04:13
Severity ?
EPSS score ?
Summary
The User Admin application of SAP NetWeaver AS for Java - version 7.50, insufficiently validates and improperly encodes the incoming URL parameters before including them into the redirect URL. This results in Cross-Site Scripting (XSS) vulnerability, leading to a high impact on confidentiality and mild impact on integrity and availability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP NetWeaver AS Java (User Admin Application) |
Version: 7.50 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-22126", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-09T16:21:27.522736Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-09T16:21:33.204Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T22:35:34.804Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://me.sap.com/notes/3417627", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP NetWeaver AS Java (User Admin Application)", vendor: "SAP_SE", versions: [ { status: "affected", version: "7.50", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>The User Admin application of SAP NetWeaver AS for Java - version 7.50, insufficiently validates and improperly encodes the incoming URL parameters before including them into the redirect URL. This results in Cross-Site Scripting (XSS) vulnerability, leading to a high impact on confidentiality and mild impact on integrity and availability.</p>", }, ], value: "The User Admin application of SAP NetWeaver AS for Java - version 7.50, insufficiently validates and improperly encodes the incoming URL parameters before including them into the redirect URL. This results in Cross-Site Scripting (XSS) vulnerability, leading to a high impact on confidentiality and mild impact on integrity and availability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "eng", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T04:13:01.325Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3417627", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { url: "https://me.sap.com/notes/3557138", }, ], source: { discovery: "UNKNOWN", }, title: "Cross Site Scripting vulnerability in SAP NetWeaver AS Java (User Admin Application)", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2024-22126", datePublished: "2024-02-13T01:58:27.745Z", dateReserved: "2024-01-05T10:21:35.256Z", dateUpdated: "2025-02-11T04:13:01.325Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-21491
Vulnerability from cvelistv5
Published
2021-03-10 14:11
Modified
2024-08-03 18:16
Severity ?
EPSS score ?
Summary
SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2976947 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver Application Server Java (Applications based on Web Dynpro Java) |
Version: < 7.00 Version: < 7.10 Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 731 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:16:22.599Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2976947", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver Application Server Java (Applications based on Web Dynpro Java)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.00", }, { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 731", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Reverse Tabnabbing", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-10T14:11:46", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2976947", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2021-21491", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver Application Server Java (Applications based on Web Dynpro Java)", version: { version_data: [ { version_name: "<", version_value: "7.00", }, { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "731", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.", }, ], }, impact: { cvss: { baseScore: "4.7", vectorString: "CVSS:/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Reverse Tabnabbing", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107", }, { name: "https://launchpad.support.sap.com/#/notes/2976947", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2976947", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2021-21491", datePublished: "2021-03-10T14:11:46", dateReserved: "2020-12-30T00:00:00", dateUpdated: "2024-08-03T18:16:22.599Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27598
Vulnerability from cvelistv5
Published
2021-04-13 18:38
Modified
2024-08-03 21:26
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versions - 7.31, 7.40, 7.50, allows an attacker to read some statistical data like product version, traffic, timestamp etc. because of missing authorization check in the servlet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/3027937 | x_refsource_MISC | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS for JAVA (Customer Usage Provisioning Servlet) |
Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:26:10.214Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3027937", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS for JAVA (Customer Usage Provisioning Servlet)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versions - 7.31, 7.40, 7.50, allows an attacker to read some statistical data like product version, traffic, timestamp etc. because of missing authorization check in the servlet.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "Improper Access Control (CWE-284)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-13T18:38:46", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/3027937", }, { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2021-27598", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS for JAVA (Customer Usage Provisioning Servlet)", version: { version_data: [ { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versions - 7.31, 7.40, 7.50, allows an attacker to read some statistical data like product version, traffic, timestamp etc. because of missing authorization check in the servlet.", }, ], }, impact: { cvss: { baseScore: "6.5", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Improper Access Control (CWE-284)", }, ], }, ], }, references: { reference_data: [ { name: "https://launchpad.support.sap.com/#/notes/3027937", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/3027937", }, { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=573801649", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2021-27598", datePublished: "2021-04-13T18:38:46", dateReserved: "2021-02-23T00:00:00", dateUpdated: "2024-08-03T21:26:10.214Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26820
Vulnerability from cvelistv5
Published
2020-11-10 16:14
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker who is authenticated as an administrator to use the administrator console, to expose unauthenticated access to the file system and upload a malicious file. The attacker or another user can then use a separate mechanism to execute OS commands through the uploaded file leading to Privilege Escalation and completely compromise the confidentiality, integrity and availability of the server operating system and any application running on it.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2979062 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2021/Apr/7 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/162086/SAP-Java-OS-Remote-Code-Execution.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS JAVA |
Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.700Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2979062", }, { name: "20210405 Onapsis Security Advisory 2021-0004: [CVE-2020-26820] - SAP Java OS Remote Code Execution", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/Apr/7", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/162086/SAP-Java-OS-Remote-Code-Execution.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS JAVA", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker who is authenticated as an administrator to use the administrator console, to expose unauthenticated access to the file system and upload a malicious file. The attacker or another user can then use a separate mechanism to execute OS commands through the uploaded file leading to Privilege Escalation and completely compromise the confidentiality, integrity and availability of the server operating system and any application running on it.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Privilege escalation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-06T15:06:18", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2979062", }, { name: "20210405 Onapsis Security Advisory 2021-0004: [CVE-2020-26820] - SAP Java OS Remote Code Execution", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2021/Apr/7", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/162086/SAP-Java-OS-Remote-Code-Execution.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-26820", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS JAVA", version: { version_data: [ { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker who is authenticated as an administrator to use the administrator console, to expose unauthenticated access to the file system and upload a malicious file. The attacker or another user can then use a separate mechanism to execute OS commands through the uploaded file leading to Privilege Escalation and completely compromise the confidentiality, integrity and availability of the server operating system and any application running on it.", }, ], }, impact: { cvss: { baseScore: "9.1", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Privilege escalation", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571", }, { name: "https://launchpad.support.sap.com/#/notes/2979062", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2979062", }, { name: "20210405 Onapsis Security Advisory 2021-0004: [CVE-2020-26820] - SAP Java OS Remote Code Execution", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2021/Apr/7", }, { name: "http://packetstormsecurity.com/files/162086/SAP-Java-OS-Remote-Code-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/162086/SAP-Java-OS-Remote-Code-Execution.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-26820", datePublished: "2020-11-10T16:14:04", dateReserved: "2020-10-07T00:00:00", dateUpdated: "2024-08-04T16:03:22.700Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-24743
Vulnerability from cvelistv5
Published
2024-02-13 02:43
Modified
2024-11-07 19:10
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS Java (CAF - Guided Procedures) - version 7.50, allows an unauthenticated attacker to submit a malicious request with a crafted XML file over the network, which when parsed will enable him to access sensitive files and data but not modify them. There are expansion limits in place so that availability is not affected.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP NetWeaver AS Java (Guided Procedures) |
Version: 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T23:28:11.817Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://me.sap.com/notes/3426111", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2024-24743", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-02-13T15:39:45.926455Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-07T19:10:20.078Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP NetWeaver AS Java (Guided Procedures)", vendor: "SAP_SE", versions: [ { status: "affected", version: "7.50", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SAP NetWeaver AS Java (CAF - Guided Procedures) - version 7.50, allows an unauthenticated attacker to submit a malicious request with a crafted XML file over the network, which when parsed will enable him to access sensitive files and data but not modify them. There are expansion limits in place so that availability is not affected.</p>", }, ], value: "SAP NetWeaver AS Java (CAF - Guided Procedures) - version 7.50, allows an unauthenticated attacker to submit a malicious request with a crafted XML file over the network, which when parsed will enable him to access sensitive files and data but not modify them. There are expansion limits in place so that availability is not affected.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-611", description: "CWE-611: Improper Restriction of XML External Entity Reference", lang: "eng", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-13T02:43:40.755Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3426111", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, title: "XXE vulnerability in SAP NetWeaver AS Java (Guided Procedures)", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2024-24743", datePublished: "2024-02-13T02:43:40.755Z", dateReserved: "2024-01-29T05:13:46.618Z", dateUpdated: "2024-11-07T19:10:20.078Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6263
Vulnerability from cvelistv5
Published
2020-06-10 12:44
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol, versions (SAP-JEECOR 7.00, 7.01; SERVERCOR 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; CORE-TOOLS 7.00, 7.01, 7.02, 7.05, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50) do not perform any authentication checks for operations that require user identity leading to Authentication Bypass.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2878568 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS JAVA |
Version: < SAP-JEECOR 7.00 Version: < 7.01 SERVERCOR 7.10 Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 CORE-TOOLS 7.00 Version: < 7.01 Version: < 7.02 Version: < 7.05 Version: < 7.10 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:55:22.315Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2878568", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS JAVA", vendor: "SAP SE", versions: [ { status: "affected", version: "< SAP-JEECOR 7.00", }, { status: "affected", version: "< 7.01 SERVERCOR 7.10", }, { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50 CORE-TOOLS 7.00", }, { status: "affected", version: "< 7.01", }, { status: "affected", version: "< 7.02", }, { status: "affected", version: "< 7.05", }, { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol, versions (SAP-JEECOR 7.00, 7.01; SERVERCOR 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; CORE-TOOLS 7.00, 7.01, 7.02, 7.05, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50) do not perform any authentication checks for operations that require user identity leading to Authentication Bypass.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Authentication Bypass", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-10T12:44:43", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2878568", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-6263", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS JAVA", version: { version_data: [ { version_name: "<", version_value: "SAP-JEECOR 7.00", }, { version_name: "<", version_value: "7.01 SERVERCOR 7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50 CORE-TOOLS 7.00", }, { version_name: "<", version_value: "7.01", }, { version_name: "<", version_value: "7.02", }, { version_name: "<", version_value: "7.05", }, { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol, versions (SAP-JEECOR 7.00, 7.01; SERVERCOR 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; CORE-TOOLS 7.00, 7.01, 7.02, 7.05, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50) do not perform any authentication checks for operations that require user identity leading to Authentication Bypass.", }, ], }, impact: { cvss: { baseScore: "6.9", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Authentication Bypass", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775", }, { name: "https://launchpad.support.sap.com/#/notes/2878568", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2878568", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-6263", datePublished: "2020-06-10T12:44:43", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T08:55:22.315Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26829
Vulnerability from cvelistv5
Published
2020-12-09 16:28
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal cluster communication. As result, an unauthenticated attacker can invoke certain functions that would otherwise be restricted to system administrators only, including access to system administration functions or shutting down the system completely.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2974774 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2021/Jun/33 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/163166/SAP-Netweaver-JAVA-7.50-Missing-Authorization.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS JAVA (P2P Cluster Communication) |
Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.449Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2974774", }, { name: "20210614 Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/Jun/33", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/163166/SAP-Netweaver-JAVA-7.50-Missing-Authorization.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS JAVA (P2P Cluster Communication)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal cluster communication. As result, an unauthenticated attacker can invoke certain functions that would otherwise be restricted to system administrators only, including access to system administration functions or shutting down the system completely.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Missing Authentication Check", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-15T20:06:12", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2974774", }, { name: "20210614 Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2021/Jun/33", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/163166/SAP-Netweaver-JAVA-7.50-Missing-Authorization.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-26829", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS JAVA (P2P Cluster Communication)", version: { version_data: [ { version_name: "<", version_value: "7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal cluster communication. As result, an unauthenticated attacker can invoke certain functions that would otherwise be restricted to system administrators only, including access to system administration functions or shutting down the system completely.", }, ], }, impact: { cvss: { baseScore: "10.0", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Missing Authentication Check", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { name: "https://launchpad.support.sap.com/#/notes/2974774", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2974774", }, { name: "20210614 Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2021/Jun/33", }, { name: "http://packetstormsecurity.com/files/163166/SAP-Netweaver-JAVA-7.50-Missing-Authorization.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/163166/SAP-Netweaver-JAVA-7.50-Missing-Authorization.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-26829", datePublished: "2020-12-09T16:28:43", dateReserved: "2020-10-07T00:00:00", dateUpdated: "2024-08-04T16:03:22.449Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-42477
Vulnerability from cvelistv5
Published
2023-10-10 01:37
Modified
2024-09-18 18:55
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an attacker to send a crafted request from a vulnerable web application, causing limited impact on confidentiality and integrity of the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP NetWeaver AS Java |
Version: 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T19:23:39.133Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://me.sap.com/notes/3333426", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-42477", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-18T18:54:26.974833Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-18T18:55:58.441Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP NetWeaver AS Java", vendor: "SAP_SE", versions: [ { status: "affected", version: "7.50", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an attacker to send a crafted request from a vulnerable web application, causing limited impact on confidentiality and integrity of the application.</p>", }, ], value: "SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an attacker to send a crafted request from a vulnerable web application, causing limited impact on confidentiality and integrity of the application.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-918", description: "CWE-918: Server-Side Request Forgery (SSRF)", lang: "eng", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-10T01:37:54.816Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3333426", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, title: "Server-Side Request Forgery in SAP NetWeaver AS Java (GRMG Heartbeat application)", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2023-42477", datePublished: "2023-10-10T01:37:54.816Z", dateReserved: "2023-09-11T07:15:13.775Z", dateUpdated: "2024-09-18T18:55:58.441Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26103
Vulnerability from cvelistv5
Published
2022-03-08 13:36
Modified
2024-08-03 04:56
Severity ?
EPSS score ?
Summary
Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) - version 7.50, allows an attacker to access information which could lead to information gathering for further exploits and attacks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3132360 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver (Real Time Messaging Framework) |
Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:56:37.425Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3132360", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver (Real Time Messaging Framework)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) - version 7.50, allows an attacker to access information which could lead to information gathering for further exploits and attacks.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-08T13:36:23", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/3132360", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2022-26103", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver (Real Time Messaging Framework)", version: { version_data: [ { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) - version 7.50, allows an attacker to access information which could lead to information gathering for further exploits and attacks.", }, ], }, impact: { cvss: { baseScore: "null", vectorString: "null", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-862", }, ], }, ], }, references: { reference_data: [ { name: "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10", refsource: "MISC", url: "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10", }, { name: "https://launchpad.support.sap.com/#/notes/3132360", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/3132360", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-26103", datePublished: "2022-03-08T13:36:23", dateReserved: "2022-02-25T00:00:00", dateUpdated: "2024-08-03T04:56:37.425Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41262
Vulnerability from cvelistv5
Published
2022-12-12 21:39
Modified
2025-04-22 14:39
Severity ?
EPSS score ?
Summary
Due to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) - version 7.50, allows an unauthenticated attacker to inject a script into a web request header. On successful exploitation, an attacker can view or modify information causing a limited impact on the confidentiality and integrity of the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | NetWeaver AS for Java (Http Provider Service) |
Version: 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:43.970Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3262544", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-41262", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-04-22T14:38:54.623852Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-22T14:39:07.399Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NetWeaver AS for Java (Http Provider Service)", vendor: "SAP", versions: [ { status: "affected", version: "7.50", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: white;\">Due to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) - version 7.50, allows an unauthenticated attacker to inject a script into a web request header. On successful exploitation, an attacker can view or modify information causing a limited impact on the confidentiality and integrity of the application.</span><br>", }, ], value: "Due to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) - version 7.50, allows an unauthenticated attacker to inject a script into a web request header. On successful exploitation, an attacker can view or modify information causing a limited impact on the confidentiality and integrity of the application.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-16T03:05:53.087Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3262544", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41262", datePublished: "2022-12-12T21:39:53.223Z", dateReserved: "2022-09-21T16:20:14.947Z", dateUpdated: "2025-04-22T14:39:07.399Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-2503
Vulnerability from cvelistv5
Published
2018-12-11 23:00
Modified
2024-08-05 04:21
Severity ?
EPSS score ?
Summary
By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50).
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/106156 | vdb-entry, x_refsource_BID | |
| https://launchpad.support.sap.com/#/notes/2658279 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | SAP NetWeaver AS Java (ServerCore) |
Version: = 7.11 Version: = 7.20 Version: = 7.30 Version: = 7.31 Version: = 7.40 Version: = 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:21:34.355Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, { name: "106156", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106156", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2658279", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS Java (ServerCore)", vendor: "SAP", versions: [ { status: "affected", version: "= 7.11", }, { status: "affected", version: "= 7.20", }, { status: "affected", version: "= 7.30", }, { status: "affected", version: "= 7.31", }, { status: "affected", version: "= 7.40", }, { status: "affected", version: "= 7.50", }, ], }, ], datePublic: "2018-12-11T00:00:00", descriptions: [ { lang: "en", value: "By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50).", }, ], problemTypes: [ { descriptions: [ { description: "Missing Authentication", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-12T10:57:01", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, { name: "106156", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106156", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2658279", }, ], source: { discovery: "UNKNOWN", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2018-2503", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS Java (ServerCore)", version: { version_data: [ { version_name: "=", version_value: "7.11", }, { version_name: "=", version_value: "7.20", }, { version_name: "=", version_value: "7.30", }, { version_name: "=", version_value: "7.31", }, { version_name: "=", version_value: "7.40", }, { version_name: "=", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Missing Authentication", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, { name: "106156", refsource: "BID", url: "http://www.securityfocus.com/bid/106156", }, { name: "https://launchpad.support.sap.com/#/notes/2658279", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2658279", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2018-2503", datePublished: "2018-12-11T23:00:00", dateReserved: "2017-12-15T00:00:00", dateUpdated: "2024-08-05T04:21:34.355Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0391
Vulnerability from cvelistv5
Published
2019-11-13 22:00
Modified
2024-08-04 17:51
Severity ?
EPSS score ?
Summary
Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2835226 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS Java |
Version: < 7.10 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:51:26.799Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2835226", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS Java", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted.", }, ], problemTypes: [ { descriptions: [ { description: " Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-13T22:00:44", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2835226", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2019-0391", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS Java", version: { version_data: [ { version_name: "<", version_value: "7.10", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: " Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390", }, { name: "https://launchpad.support.sap.com/#/notes/2835226", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2835226", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2019-0391", datePublished: "2019-11-13T22:00:44", dateReserved: "2018-11-26T00:00:00", dateUpdated: "2024-08-04T17:51:26.799Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11458
Vulnerability from cvelistv5
Published
2017-07-25 18:00
Modified
2024-08-05 18:12
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, aka SAP Security Note 2406783.
References
| ▼ | URL | Tags |
|---|---|---|
| https://erpscan.io/advisories/erpscan-17-017-sap-netweaver-java-7-3-java-xss-ctcprotocolprotocol-servlet/ | x_refsource_MISC | |
| http://www.securityfocus.com/bid/97566 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:12:39.905Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://erpscan.io/advisories/erpscan-17-017-sap-netweaver-java-7-3-java-xss-ctcprotocolprotocol-servlet/", }, { name: "97566", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/97566", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-04-11T00:00:00", descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, aka SAP Security Note 2406783.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-10T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://erpscan.io/advisories/erpscan-17-017-sap-netweaver-java-7-3-java-xss-ctcprotocolprotocol-servlet/", }, { name: "97566", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/97566", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11458", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, aka SAP Security Note 2406783.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://erpscan.io/advisories/erpscan-17-017-sap-netweaver-java-7-3-java-xss-ctcprotocolprotocol-servlet/", refsource: "MISC", url: "https://erpscan.io/advisories/erpscan-17-017-sap-netweaver-java-7-3-java-xss-ctcprotocolprotocol-servlet/", }, { name: "97566", refsource: "BID", url: "http://www.securityfocus.com/bid/97566", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11458", datePublished: "2017-07-25T18:00:00", dateReserved: "2017-07-19T00:00:00", dateUpdated: "2024-08-05T18:12:39.905Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0275
Vulnerability from cvelistv5
Published
2019-03-12 22:00
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server (J2EE-APPS), versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50, does not sufficiently encode user-controlled inputs, which results in cross-site scripting (XSS) vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2689925 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/107362 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver Java Application Server (J2EE-APPS) |
Version: < 7.10 to 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:44:16.521Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2689925", }, { name: "107362", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107362", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver Java Application Server (J2EE-APPS)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.10 to 7.11", }, { status: "affected", version: "< 7.20", }, { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], datePublic: "2019-03-12T00:00:00", descriptions: [ { lang: "en", value: "SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server (J2EE-APPS), versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50, does not sufficiently encode user-controlled inputs, which results in cross-site scripting (XSS) vulnerability.", }, ], problemTypes: [ { descriptions: [ { description: "Cross-Site Scripting", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-13T09:57:01", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2689925", }, { name: "107362", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107362", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2019-0275", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver Java Application Server (J2EE-APPS)", version: { version_data: [ { version_name: "<", version_value: "7.10 to 7.11", }, { version_name: "<", version_value: "7.20", }, { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server (J2EE-APPS), versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50, does not sufficiently encode user-controlled inputs, which results in cross-site scripting (XSS) vulnerability.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Cross-Site Scripting", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080", }, { name: "https://launchpad.support.sap.com/#/notes/2689925", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2689925", }, { name: "107362", refsource: "BID", url: "http://www.securityfocus.com/bid/107362", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2019-0275", datePublished: "2019-03-12T22:00:00", dateReserved: "2018-11-26T00:00:00", dateUpdated: "2024-08-04T17:44:16.521Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6313
Vulnerability from cvelistv5
Published
2020-09-09 12:43
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing JavaScript, leading to Stored Cross-Site Scripting.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2953112 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS JAVA (XML Forms) |
Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:55:22.450Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2953112", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS JAVA (XML Forms)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.30", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.40", }, { status: "affected", version: "< 7.50", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing JavaScript, leading to Stored Cross-Site Scripting.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Cross Site Scripting", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-09T12:43:03", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2953112", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-6313", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS JAVA (XML Forms)", version: { version_data: [ { version_name: "<", version_value: "7.30", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.40", }, { version_name: "<", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing JavaScript, leading to Stored Cross-Site Scripting.", }, ], }, impact: { cvss: { baseScore: "5.4", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Cross Site Scripting", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700", }, { name: "https://launchpad.support.sap.com/#/notes/2953112", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2953112", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-6313", datePublished: "2020-09-09T12:43:03", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T08:55:22.450Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-2492
Vulnerability from cvelistv5
Published
2018-12-11 23:00
Modified
2024-08-05 04:21
Severity ?
EPSS score ?
Summary
SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2642680 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/106153 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | SAP NetWeaver Application Server (Java Library) |
Version: = 7.20 Version: = 7.30 Version: = 7.31 Version: = 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:21:34.186Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2642680", }, { name: "106153", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106153", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver Application Server (Java Library)", vendor: "SAP", versions: [ { status: "affected", version: "= 7.20", }, { status: "affected", version: "= 7.30", }, { status: "affected", version: "= 7.31", }, { status: "affected", version: "= 7.50", }, ], }, ], datePublic: "2018-12-11T00:00:00", descriptions: [ { lang: "en", value: "SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.", }, ], problemTypes: [ { descriptions: [ { description: "Missing XML Validation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-12T10:57:01", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2642680", }, { name: "106153", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106153", }, ], source: { discovery: "UNKNOWN", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2018-2492", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver Application Server (Java Library)", version: { version_data: [ { version_name: "=", version_value: "7.20", }, { version_name: "=", version_value: "7.30", }, { version_name: "=", version_value: "7.31", }, { version_name: "=", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Missing XML Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, { name: "https://launchpad.support.sap.com/#/notes/2642680", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2642680", }, { name: "106153", refsource: "BID", url: "http://www.securityfocus.com/bid/106153", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2018-2492", datePublished: "2018-12-11T23:00:00", dateReserved: "2017-12-15T00:00:00", dateUpdated: "2024-08-05T04:21:34.186Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0327
Vulnerability from cvelistv5
Published
2019-07-10 19:09
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/109071 | vdb-entry, x_refsource_BID | |
| https://launchpad.support.sap.com/#/notes/2777910 | x_refsource_MISC | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver for Java Application Server - Web Container (engineapi) |
Version: < 7.1 Version: < 7.2 Version: < 7.3 Version: < 7.31 Version: < 7.4 Version: < 7.5 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:44:16.446Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "109071", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/109071", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2777910", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver for Java Application Server - Web Container (engineapi) ", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.1", }, { status: "affected", version: "< 7.2", }, { status: "affected", version: "< 7.3", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.4", }, { status: "affected", version: "< 7.5", }, ], }, { product: "SAP NetWeaver for Java Application Server - Web Container (servercode)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 7.2", }, { status: "affected", version: "< 7.3", }, { status: "affected", version: "< 7.31", }, { status: "affected", version: "< 7.4", }, { status: "affected", version: "< 7.5", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.", }, ], problemTypes: [ { descriptions: [ { description: "Unrestricted File Upload", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-07-10T19:09:44", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { name: "109071", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/109071", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2777910", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2019-0327", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver for Java Application Server - Web Container (engineapi) ", version: { version_data: [ { version_name: "<", version_value: "7.1", }, { version_name: "<", version_value: "7.2", }, { version_name: "<", version_value: "7.3", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.4", }, { version_name: "<", version_value: "7.5", }, ], }, }, { product_name: "SAP NetWeaver for Java Application Server - Web Container (servercode)", version: { version_data: [ { version_name: "<", version_value: "7.2", }, { version_name: "<", version_value: "7.3", }, { version_name: "<", version_value: "7.31", }, { version_name: "<", version_value: "7.4", }, { version_name: "<", version_value: "7.5", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Unrestricted File Upload", }, ], }, ], }, references: { reference_data: [ { name: "109071", refsource: "BID", url: "http://www.securityfocus.com/bid/109071", }, { name: "https://launchpad.support.sap.com/#/notes/2777910", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2777910", }, { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575", refsource: "CONFIRM", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2019-0327", datePublished: "2019-07-10T19:09:39", dateReserved: "2018-11-26T00:00:00", dateUpdated: "2024-08-04T17:44:16.446Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-5326
Vulnerability from cvelistv5
Published
2016-05-13 10:00
Modified
2025-02-07 14:11
Severity ?
EPSS score ?
Summary
The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a "Detour" attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/90533 | vdb-entry, x_refsource_BID | |
| https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications | x_refsource_MISC | |
| http://service.sap.com/sap/support/notes/1445998 | x_refsource_MISC | |
| http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions | x_refsource_MISC | |
| http://www.us-cert.gov/ncas/alerts/TA16-132A | third-party-advisory, x_refsource_CERT | |
| http://www.securityfocus.com/bid/48925 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T04:17:10.293Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "90533", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/90533", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://service.sap.com/sap/support/notes/1445998", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions", }, { name: "TA16-132A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/ncas/alerts/TA16-132A", }, { name: "48925", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/48925", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2010-5326", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T14:11:12.382032Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2010-5326", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-306", description: "CWE-306 Missing Authentication for Critical Function", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-07T14:11:21.807Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-01-01T00:00:00.000Z", descriptions: [ { lang: "en", value: "The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a \"Detour\" attack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-25T19:57:01.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "90533", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/90533", }, { tags: [ "x_refsource_MISC", ], url: "https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications", }, { tags: [ "x_refsource_MISC", ], url: "http://service.sap.com/sap/support/notes/1445998", }, { tags: [ "x_refsource_MISC", ], url: "http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions", }, { name: "TA16-132A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/ncas/alerts/TA16-132A", }, { name: "48925", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/48925", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-5326", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a \"Detour\" attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "90533", refsource: "BID", url: "http://www.securityfocus.com/bid/90533", }, { name: "https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications", refsource: "MISC", url: "https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications", }, { name: "http://service.sap.com/sap/support/notes/1445998", refsource: "MISC", url: "http://service.sap.com/sap/support/notes/1445998", }, { name: "http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions", refsource: "MISC", url: "http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions", }, { name: "TA16-132A", refsource: "CERT", url: "http://www.us-cert.gov/ncas/alerts/TA16-132A", }, { name: "48925", refsource: "BID", url: "http://www.securityfocus.com/bid/48925", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-5326", datePublished: "2016-05-13T10:00:00.000Z", dateReserved: "2016-05-12T00:00:00.000Z", dateUpdated: "2025-02-07T14:11:21.807Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-2504
Vulnerability from cvelistv5
Published
2018-12-11 23:00
Modified
2024-08-05 04:21
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS Java Web Container service does not validate against whitelist the HTTP host header which can result in HTTP Host Header Manipulation or Cross-Site Scripting (XSS) vulnerability. This is fixed in versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2718993 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/106150 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | SAP NetWeaver AS Java (ServerCore) |
Version: = 7.10 Version: = 7.11 Version: = 7.20 Version: = 7.30 Version: = 7.31 Version: = 7.40 Version: = 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:21:34.413Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2718993", }, { name: "106150", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106150", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS Java (ServerCore)", vendor: "SAP", versions: [ { status: "affected", version: "= 7.10", }, { status: "affected", version: "= 7.11", }, { status: "affected", version: "= 7.20", }, { status: "affected", version: "= 7.30", }, { status: "affected", version: "= 7.31", }, { status: "affected", version: "= 7.40", }, { status: "affected", version: "= 7.50", }, ], }, ], datePublic: "2018-12-11T00:00:00", descriptions: [ { lang: "en", value: "SAP NetWeaver AS Java Web Container service does not validate against whitelist the HTTP host header which can result in HTTP Host Header Manipulation or Cross-Site Scripting (XSS) vulnerability. This is fixed in versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50.", }, ], problemTypes: [ { descriptions: [ { description: "Cross-Site Scripting", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-12T10:57:01", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2718993", }, { name: "106150", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106150", }, ], source: { discovery: "UNKNOWN", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2018-2504", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver AS Java (ServerCore)", version: { version_data: [ { version_name: "=", version_value: "7.10", }, { version_name: "=", version_value: "7.11", }, { version_name: "=", version_value: "7.20", }, { version_name: "=", version_value: "7.30", }, { version_name: "=", version_value: "7.31", }, { version_name: "=", version_value: "7.40", }, { version_name: "=", version_value: "7.50", }, ], }, }, ], }, vendor_name: "SAP", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP NetWeaver AS Java Web Container service does not validate against whitelist the HTTP host header which can result in HTTP Host Header Manipulation or Cross-Site Scripting (XSS) vulnerability. This is fixed in versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Cross-Site Scripting", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", }, { name: "https://launchpad.support.sap.com/#/notes/2718993", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2718993", }, { name: "106150", refsource: "BID", url: "http://www.securityfocus.com/bid/106150", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2018-2504", datePublished: "2018-12-11T23:00:00", dateReserved: "2017-12-15T00:00:00", dateUpdated: "2024-08-05T04:21:34.413Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22532
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 03:14
Severity ?
EPSS score ?
Summary
In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the malicious payload to be executed and hence execute functions that could be impersonating the victim or even steal the victim's logon session.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/3123427 | x_refsource_MISC | |
| https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver Application Server Java |
Version: KRNL64NUC 7.22 Version: 7.22EXT Version: 7.49 Version: KRNL64UC Version: 7.22 Version: 7.53 Version: KERNEL 7.22 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:14:55.440Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3123427", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver Application Server Java", vendor: "SAP SE", versions: [ { status: "affected", version: "KRNL64NUC 7.22", }, { status: "affected", version: "7.22EXT", }, { status: "affected", version: "7.49", }, { status: "affected", version: "KRNL64UC", }, { status: "affected", version: "7.22", }, { status: "affected", version: "7.53", }, { status: "affected", version: "KERNEL 7.22", }, ], }, ], descriptions: [ { lang: "en", value: "In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the malicious payload to be executed and hence execute functions that could be impersonating the victim or even steal the victim's logon session.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-444", description: "CWE-444", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-24T15:16:54", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/3123427", }, { tags: [ "x_refsource_MISC", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2022-22532", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP NetWeaver Application Server Java", version: { version_data: [ { version_affected: "=", version_value: "KRNL64NUC 7.22", }, { version_affected: "=", version_value: "7.22EXT", }, { version_affected: "=", version_value: "7.49", }, { version_affected: "=", version_value: "KRNL64UC", }, { version_affected: "=", version_value: "7.22", }, { version_affected: "=", version_value: "7.22EXT", }, { version_affected: "=", version_value: "7.49", }, { version_affected: "=", version_value: "7.53", }, { version_affected: "=", version_value: "KERNEL 7.22", }, { version_affected: "=", version_value: "7.49", }, { version_affected: "=", version_value: "7.53", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the malicious payload to be executed and hence execute functions that could be impersonating the victim or even steal the victim's logon session.", }, ], }, impact: { cvss: { baseScore: "null", vectorString: "null", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-444", }, ], }, ], }, references: { reference_data: [ { name: "https://launchpad.support.sap.com/#/notes/3123427", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/3123427", }, { name: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", refsource: "MISC", url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-22532", datePublished: "2022-02-09T22:05:19", dateReserved: "2022-01-04T00:00:00", dateUpdated: "2024-08-03T03:14:55.440Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }