Vulnerabilites related to sap - sap_r_3
CVE-2002-1578 (GCVE-0-2002-1578)
Vulnerability from cvelistv5
Published
2004-03-16 05:00
Modified
2024-08-08 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/8972 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2002-04/0387.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/4613 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:29.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "sap-db-data-access(8972)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8972"
},
{
"name": "20020427 SAP R/3 on Oracle: vulnerable Default Installation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0387.html"
},
{
"name": "4613",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4613"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "sap-db-data-access(8972)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8972"
},
{
"name": "20020427 SAP R/3 on Oracle: vulnerable Default Installation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0387.html"
},
{
"name": "4613",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4613"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1578",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sap-db-data-access(8972)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8972"
},
{
"name": "20020427 SAP R/3 on Oracle: vulnerable Default Installation",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0387.html"
},
{
"name": "4613",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4613"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1578",
"datePublished": "2004-03-16T05:00:00",
"dateReserved": "2004-03-15T00:00:00",
"dateUpdated": "2024-08-08T03:26:29.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1577 (GCVE-0-2002-1577)
Vulnerability from cvelistv5
Published
2004-03-16 05:00
Modified
2024-08-08 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote attackers to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/9964 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=103038238228119&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:29.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "sap-r3-default-account(9964)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9964"
},
{
"name": "20020825 SAP R/3 default password vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103038238228119\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote attackers to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "sap-r3-default-account(9964)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9964"
},
{
"name": "20020825 SAP R/3 default password vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103038238228119\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote attackers to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sap-r3-default-account(9964)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9964"
},
{
"name": "20020825 SAP R/3 default password vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103038238228119\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1577",
"datePublished": "2004-03-16T05:00:00",
"dateReserved": "2004-03-15T00:00:00",
"dateUpdated": "2024-08-08T03:26:29.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1691 (GCVE-0-2005-1691)
Vulnerability from cvelistv5
Published
2005-07-26 04:00
Modified
2024-09-17 01:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via ".." sequences in an HTTP GET request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.corsaire.com/advisories/c050503-001.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:59:24.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.corsaire.com/advisories/c050503-001.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via \"..\" sequences in an HTTP GET request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-07-26T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.corsaire.com/advisories/c050503-001.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via \"..\" sequences in an HTTP GET request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.corsaire.com/advisories/c050503-001.txt",
"refsource": "MISC",
"url": "http://www.corsaire.com/advisories/c050503-001.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1691",
"datePublished": "2005-07-26T04:00:00Z",
"dateReserved": "2005-05-24T00:00:00Z",
"dateUpdated": "2024-09-17T01:01:56.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1035 (GCVE-0-2003-1035)
Vulnerability from cvelistv5
Published
2004-03-16 05:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/7007 | vdb-entry, x_refsource_BID | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004039.html | mailing-list, x_refsource_FULLDISC | |
| http://www.securityfocus.com/archive/1/451378/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11487 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7007",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7007"
},
{
"name": "20030304 SAP R/3, account locking and RFC SDK",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004039.html"
},
{
"name": "20061112 Old SAP exploits",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451378/100/0/threaded"
},
{
"name": "sap-sapinfo-lockout-bypass(11487)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11487"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7007",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7007"
},
{
"name": "20030304 SAP R/3, account locking and RFC SDK",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004039.html"
},
{
"name": "20061112 Old SAP exploits",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451378/100/0/threaded"
},
{
"name": "sap-sapinfo-lockout-bypass(11487)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11487"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1035",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7007",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7007"
},
{
"name": "20030304 SAP R/3, account locking and RFC SDK",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004039.html"
},
{
"name": "20061112 Old SAP exploits",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451378/100/0/threaded"
},
{
"name": "sap-sapinfo-lockout-bypass(11487)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11487"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1035",
"datePublished": "2004-03-16T05:00:00",
"dateReserved": "2004-03-15T00:00:00",
"dateUpdated": "2024-08-08T02:12:35.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4815 (GCVE-0-2005-4815)
Vulnerability from cvelistv5
Published
2006-11-21 23:00
Modified
2024-08-08 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
SAP 6.4 before 6.40 patch 4, 6.2 before 6.20 patch 1364, 4.6 before 4.6D patch 1767, 45 before 45B patch 913, 40 before 40B patch 1008, and 31 before 31I patch 735 do not properly restrict process execution by lnaxdm/sapsys, which allows remote attackers to execute arbitrary code via a certain UDP packet that ends with the name of a local executable file, aka the "FX SAP R/3 gwrd vuln."
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.virus.org/darklab-0509/msg00017.html | mailing-list, x_refsource_MLIST | |
| http://lists.virus.org/darklab-0509/msg00011.html | mailing-list, x_refsource_MLIST | |
| http://lists.darklab.org/pipermail/darklab/2006-January/000209.html | mailing-list, x_refsource_MLIST | |
| http://lists.virus.org/darklab-0509/msg00018.html | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/archive/1/451378/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[Darklab] 20060907 Re: SAP security/auditing",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.virus.org/darklab-0509/msg00017.html"
},
{
"name": "[Darklab] 20060905 SAP security/auditing",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.virus.org/darklab-0509/msg00011.html"
},
{
"name": "[Darklab] 20060131 SAP security/auditing",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.darklab.org/pipermail/darklab/2006-January/000209.html"
},
{
"name": "[Darklab] 20060908 Re: SAP security/auditing",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.virus.org/darklab-0509/msg00018.html"
},
{
"name": "20061112 Old SAP exploits",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451378/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP 6.4 before 6.40 patch 4, 6.2 before 6.20 patch 1364, 4.6 before 4.6D patch 1767, 45 before 45B patch 913, 40 before 40B patch 1008, and 31 before 31I patch 735 do not properly restrict process execution by lnaxdm/sapsys, which allows remote attackers to execute arbitrary code via a certain UDP packet that ends with the name of a local executable file, aka the \"FX SAP R/3 gwrd vuln.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[Darklab] 20060907 Re: SAP security/auditing",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.virus.org/darklab-0509/msg00017.html"
},
{
"name": "[Darklab] 20060905 SAP security/auditing",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.virus.org/darklab-0509/msg00011.html"
},
{
"name": "[Darklab] 20060131 SAP security/auditing",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.darklab.org/pipermail/darklab/2006-January/000209.html"
},
{
"name": "[Darklab] 20060908 Re: SAP security/auditing",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.virus.org/darklab-0509/msg00018.html"
},
{
"name": "20061112 Old SAP exploits",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451378/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP 6.4 before 6.40 patch 4, 6.2 before 6.20 patch 1364, 4.6 before 4.6D patch 1767, 45 before 45B patch 913, 40 before 40B patch 1008, and 31 before 31I patch 735 do not properly restrict process execution by lnaxdm/sapsys, which allows remote attackers to execute arbitrary code via a certain UDP packet that ends with the name of a local executable file, aka the \"FX SAP R/3 gwrd vuln.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[Darklab] 20060907 Re: SAP security/auditing",
"refsource": "MLIST",
"url": "http://lists.virus.org/darklab-0509/msg00017.html"
},
{
"name": "[Darklab] 20060905 SAP security/auditing",
"refsource": "MLIST",
"url": "http://lists.virus.org/darklab-0509/msg00011.html"
},
{
"name": "[Darklab] 20060131 SAP security/auditing",
"refsource": "MLIST",
"url": "http://lists.darklab.org/pipermail/darklab/2006-January/000209.html"
},
{
"name": "[Darklab] 20060908 Re: SAP security/auditing",
"refsource": "MLIST",
"url": "http://lists.virus.org/darklab-0509/msg00018.html"
},
{
"name": "20061112 Old SAP exploits",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451378/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4815",
"datePublished": "2006-11-21T23:00:00",
"dateReserved": "2006-11-21T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2005-07-26 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via ".." sequences in an HTTP GET request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.corsaire.com/advisories/c050503-001.txt | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.corsaire.com/advisories/c050503-001.txt | Exploit, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:sap_r_3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "595752A5-ED49-421B-AA3E-212DA0868FC4",
"versionEndIncluding": "6.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via \"..\" sequences in an HTTP GET request."
},
{
"lang": "es",
"value": "Vulnerabilidad de franqueo de directorios en Internet Graphics Server en SAP anterior a la 6.40 Patch 11 permite que atacantes remotos lean ficheros arbitrarios mediante secuencias \"..\" en una petici\u00f3n HTTP GET."
}
],
"id": "CVE-2005-1691",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-07-26T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.corsaire.com/advisories/c050503-001.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.corsaire.com/advisories/c050503-001.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-04-15 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:sap_r_3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "812BDEE8-05CD-40A7-9BF0-263C5AE9024F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sapgui:4.6c:*:windows:*:*:*:*:*",
"matchCriteriaId": "33C7A581-C3CF-468F-8B06-1C9F227D5967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sapgui:4.6d:*:windows:*:*:*:*:*",
"matchCriteriaId": "4FCC8060-E285-43BA-9626-D9CB960A964D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does."
},
{
"lang": "es",
"value": "La instalaci\u00f3n por defecto de SAP R/3 46C/D permite a atacantes remotos saltarse bloqueos de cuentas usando la API RFC en lugar de SAPGUI para hacer ataques de fuerza bruta para averiguar la contrase\u00f1a, lo cual no bloquea las cuentas como lo hace SAPGUI."
}
],
"id": "CVE-2003-1035",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-04-15T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004039.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/451378/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/7007"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/451378/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/7007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11487"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
SAP 6.4 before 6.40 patch 4, 6.2 before 6.20 patch 1364, 4.6 before 4.6D patch 1767, 45 before 45B patch 913, 40 before 40B patch 1008, and 31 before 31I patch 735 do not properly restrict process execution by lnaxdm/sapsys, which allows remote attackers to execute arbitrary code via a certain UDP packet that ends with the name of a local executable file, aka the "FX SAP R/3 gwrd vuln."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:sap_r_3:4.6_before_patch_1767:*:*:*:*:*:*:*",
"matchCriteriaId": "E4C79FDB-885C-4E21-8D34-01F7E0F3E670",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sap_r_3:6.2_before_patch_1364:*:*:*:*:*:*:*",
"matchCriteriaId": "15558671-9CB0-440B-94C5-6B878B6364D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sap_r_3:6.4_before_patch_4:*:*:*:*:*:*:*",
"matchCriteriaId": "CC4F25AE-8381-4FC4-B8E5-1E459DEAD74F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sap_r_3:31_before_31i_patch_735:*:*:*:*:*:*:*",
"matchCriteriaId": "22E767CA-E2B6-4194-A87F-8CAC56EE1F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sap_r_3:40_before_patch_1008:*:*:*:*:*:*:*",
"matchCriteriaId": "E15CD7C9-BECC-4DF2-8455-7AE7154A765C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sap_r_3:45_before_patch_913:*:*:*:*:*:*:*",
"matchCriteriaId": "281C68CB-F59A-4540-A16C-48791607C193",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP 6.4 before 6.40 patch 4, 6.2 before 6.20 patch 1364, 4.6 before 4.6D patch 1767, 45 before 45B patch 913, 40 before 40B patch 1008, and 31 before 31I patch 735 do not properly restrict process execution by lnaxdm/sapsys, which allows remote attackers to execute arbitrary code via a certain UDP packet that ends with the name of a local executable file, aka the \"FX SAP R/3 gwrd vuln.\""
}
],
"id": "CVE-2005-4815",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.darklab.org/pipermail/darklab/2006-January/000209.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.virus.org/darklab-0509/msg00011.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.virus.org/darklab-0509/msg00017.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.virus.org/darklab-0509/msg00018.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/451378/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.darklab.org/pipermail/darklab/2006-January/000209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.virus.org/darklab-0509/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.virus.org/darklab-0509/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.virus.org/darklab-0509/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/451378/100/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-04-15 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2002-04/0387.html | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/4613 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/8972 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2002-04/0387.html | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/4613 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/8972 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:sap_r_3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "812BDEE8-05CD-40A7-9BF0-263C5AE9024F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected."
},
{
"lang": "es",
"value": "La instalaci\u00f3n por defecto de SAP R/3, cuando se usa Oracle y SQL*NET V2 3.x, 4.x y 6.10, permite a atacantes remotos obtener datos SAP sensibles y arbitrarios conect\u00e1ndose directamente a la base de datos y ejecutando consultas contra la base de datos, que no est\u00e1 protegida por contrase\u00f1a."
}
],
"id": "CVE-2002-1578",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-04-15T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0387.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4613"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0387.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8972"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-04-15 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote attackers to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:sap_r_3:2.0b_to_4.6d:*:*:*:*:*:*:*",
"matchCriteriaId": "23C54F95-726A-4F62-B690-0E5DA3E88F81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote attackers to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts."
},
{
"lang": "es",
"value": "SAP R/3 2.0b y 4.6D instala varios clientes con nombres de usuario y contrase\u00f1as por defecto, lo que permite a atacantes remotos ganar privilegios mediante las cuentas (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, o (5) TMSADM"
}
],
"id": "CVE-2002-1577",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-04-15T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103038238228119\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103038238228119\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9964"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}