Search criteria
8 vulnerabilities found for ui5 by sap
VAR-201806-1433
Vulnerability from variot - Updated: 2024-11-23 23:08SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00. SAP UI5 is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-1433",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.52"
},
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.51"
},
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.50"
},
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.40"
},
{
"model": "hana database",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "1.00"
},
{
"model": "ui",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "2.0"
},
{
"model": "ui5",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "1.00"
},
{
"model": "hana database",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "2.00"
},
{
"model": "ui5 java",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.50"
},
{
"model": "ui5 java",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.31"
},
{
"model": "ui5 java",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "ui5 java",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "5 1.00"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "5 java 7"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "50"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "5 java 7.30"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "5 java 7.31"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "5 java 7.40"
},
{
"model": "ui5",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.50"
},
{
"model": "ui5",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
},
{
"model": "ui5",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "ui5",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "hana db",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "2.00"
},
{
"model": "hana db",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "1.00"
}
],
"sources": [
{
"db": "BID",
"id": "104459"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:sap:hana_database",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sap:ui",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "104459"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2424",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-2424",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-2424",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@sap.com",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-2424",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-2424",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cna@sap.com",
"id": "CVE-2018-2424",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-2424",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-735",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00. SAP UI5 is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2424"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "BID",
"id": "104459"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2424",
"trust": 2.7
},
{
"db": "BID",
"id": "104459",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006576",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "104459"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
}
]
},
"id": "VAR-201806-1433",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2024-11-23T23:08:38.602000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "June 2018 Security Releases",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
},
{
"title": "SAP Hana DB , UI5 and UI Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80900"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"trust": 1.9,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=495289255"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/104459"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2424"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2424"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "104459"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "104459"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "BID",
"id": "104459"
},
{
"date": "2018-08-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"date": "2018-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-735"
},
{
"date": "2018-06-12T15:29:00.307000",
"db": "NVD",
"id": "CVE-2018-2424"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "BID",
"id": "104459"
},
{
"date": "2018-08-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-735"
},
{
"date": "2024-11-21T04:03:47.570000",
"db": "NVD",
"id": "CVE-2018-2424"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP UI5 Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "104459"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
],
"trust": 0.9
}
}
VAR-201907-1475
Vulnerability from variot - Updated: 2024-11-23 22:51The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not. SAP Gateway Contains an injection vulnerability.Information may be altered. SAP Gateway is prone to a content injection vulnerability because the application fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied content to be passed in context of the affected application ; Other attacks are also possible. The product supports non-SAP applications to connect to SAP applications, and can also connect and access SAP applications on mobile devices.
[VulnerabilityType Other] Content Spoofing
[Vendor of Product] SAP
[Affected Product] SAPUI5 1.0.0 and the SAP Gateway versions 7.5, 7.51, 7.52 and 7.53
[PoC] Tested in SAPUI5 1.0.0 PoC:
https://sapmobile.target.com/sap/opu/odata/UI2/INTEROP/PersContainers(category='P ',id='flp.settings.FlpSettings')?$expand=PersContainerItemsu1kpa_HACKED_&sap-cache-id=D49C673A8D0D275477C7CD1FBFA3EE31
[Attack Type] Remote
[Reference] https://capec.mitre.org/data/definitions/148.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0319
[Discoverer] Offensive0Labs - Rafael Fontes Souza
References below: "SAP Product Security Response Team seg, 8 de jul 04:33 (há 6 dias) para eu, SAP
Hello Rafael,
We are pleased to inform you that we are releasing the following security note on July Patch Day 2019:
Sec Incident ID(s) 1870475251
Security Note 2752614
Security Note Title [CVE-2019-0319] Content Injection Vulnerability in SAP Gateway
Advisory Plan Date 10/09/2019
Delivery date of fix/Patch Day 07/09/2019
CVSS Base Score 4.3
CVSS Base Vector NLNR | U | NLN
Credits go to:
Offensive0Labs, Rafael Fontes Souza
*Notes will be visible to customers on 9th of July 2019.
https://wiki.scn.sap.com/wiki/display/PSR/Acknowledgments+to+Security+Researchers
"
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-1475",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gateway",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.5"
},
{
"model": "gateway",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.51"
},
{
"model": "gateway",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.52"
},
{
"model": "gateway",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.53"
},
{
"model": "ui5",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "1.0.0"
},
{
"model": "sapui5",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.53"
},
{
"model": "netweaver gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.52"
},
{
"model": "netweaver gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.51"
},
{
"model": "netweaver gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.5"
}
],
"sources": [
{
"db": "BID",
"id": "109074"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006514"
},
{
"db": "NVD",
"id": "CVE-2019-0319"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:sap:gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sap:ui5",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006514"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP,Rafael Fontes Souza",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-462"
}
],
"trust": 0.6
},
"cve": "CVE-2019-0319",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-0319",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-140350",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0319",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0319",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-0319",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-462",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-140350",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140350"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006514"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-462"
},
{
"db": "NVD",
"id": "CVE-2019-0319"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it\u0027s not. SAP Gateway Contains an injection vulnerability.Information may be altered. SAP Gateway is prone to a content injection vulnerability because the application fails to properly sanitize user-supplied input. \nSuccessful exploits will allow attacker-supplied content to be passed in context of the affected application ; Other attacks are also possible. The product supports non-SAP applications to connect to SAP applications, and can also connect and access SAP applications on mobile devices. \n\n------------------------------------------\n\n[VulnerabilityType Other]\nContent Spoofing\n\n------------------------------------------\n\n[Vendor of Product]\nSAP\n\n------------------------------------------\n\n[Affected Product]\nSAPUI5 1.0.0 and the SAP Gateway versions 7.5, 7.51, 7.52 and 7.53\n\n------------------------------------------\n\n[PoC]\nTested in SAPUI5 1.0.0\nPoC:\n\nhttps://sapmobile.target.com/sap/opu/odata/UI2/INTEROP/PersContainers(category=\u0027P\n\u0027,id=\u0027flp.settings.FlpSettings\u0027)?$expand=PersContainerItemsu1kpa_HACKED_\u0026sap-cache-id=D49C673A8D0D275477C7CD1FBFA3EE31\n\n------------------------------------------\n\n[Attack Type]\nRemote\n\n------------------------------------------\n\n[Reference]\nhttps://capec.mitre.org/data/definitions/148.html\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0319\n------------------------------------------\n\n[Discoverer]\nOffensive0Labs - Rafael Fontes Souza\n\n\n\n\nReferences below:\n\"SAP Product Security Response Team\nseg, 8 de jul 04:33 (h\u00e1 6 dias)\npara eu, SAP\n\nHello Rafael,\n\nWe are pleased to inform you that we are releasing the following security\nnote on July Patch Day 2019:\n\nSec Incident ID(s) 1870475251\n\nSecurity Note 2752614\n\nSecurity Note Title [CVE-2019-0319] Content Injection Vulnerability in SAP\nGateway\n\nAdvisory Plan Date 10/09/2019\n\nDelivery date of fix/Patch Day 07/09/2019\n\nCVSS Base Score 4.3\n\nCVSS Base Vector NLNR | U | NLN\n\nCredits go to:\n\nOffensive0Labs, Rafael Fontes Souza\n\n*Notes will be visible to customers on 9th of July 2019. \n\nhttps://wiki.scn.sap.com/wiki/display/PSR/Acknowledgments+to+Security+Researchers\n\n\"\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0319"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006514"
},
{
"db": "BID",
"id": "109074"
},
{
"db": "VULHUB",
"id": "VHN-140350"
},
{
"db": "PACKETSTORM",
"id": "153661"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0319",
"trust": 2.9
},
{
"db": "BID",
"id": "109074",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "153661",
"trust": 1.8
},
{
"db": "CXSECURITY",
"id": "WLB-2019050283",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006514",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201907-462",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-04338",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-140350",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140350"
},
{
"db": "BID",
"id": "109074"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006514"
},
{
"db": "PACKETSTORM",
"id": "153661"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-462"
},
{
"db": "NVD",
"id": "CVE-2019-0319"
}
]
},
"id": "VAR-201907-1475",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140350"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:51:42.570000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - July 2019",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575"
},
{
"title": "SAP Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94601"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006514"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-462"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-74",
"trust": 1.9
},
{
"problemtype": "CWE-79",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140350"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006514"
},
{
"db": "NVD",
"id": "CVE-2019-0319"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://packetstormsecurity.com/files/153661/sapui5-1.0.0-sap-gateway-7.5-7.51-7.52-7.53-content-spoofing.html"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/109074"
},
{
"trust": 2.0,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=523994575"
},
{
"trust": 2.0,
"url": "https://launchpad.support.sap.com/#/notes/2752614"
},
{
"trust": 1.7,
"url": "https://cxsecurity.com/ascii/wlb-2019050283"
},
{
"trust": 1.7,
"url": "https://drive.google.com/open?id=1agfqggvydehsk7mfisfkw7to60yif55f"
},
{
"trust": 1.7,
"url": "https://launchpad.support.sap.com/#/notes/2911267"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0319"
},
{
"trust": 0.9,
"url": "http://www.sap.com/"
},
{
"trust": 0.9,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0319"
},
{
"trust": 0.1,
"url": "https://wiki.scn.sap.com/wiki/display/psr/acknowledgments+to+security+researchers"
},
{
"trust": 0.1,
"url": "https://capec.mitre.org/data/definitions/148.html"
},
{
"trust": 0.1,
"url": "https://sapmobile.target.com/sap/opu/odata/ui2/interop/perscontainers(category=\u0027p"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140350"
},
{
"db": "BID",
"id": "109074"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006514"
},
{
"db": "PACKETSTORM",
"id": "153661"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-462"
},
{
"db": "NVD",
"id": "CVE-2019-0319"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140350"
},
{
"db": "BID",
"id": "109074"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006514"
},
{
"db": "PACKETSTORM",
"id": "153661"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-462"
},
{
"db": "NVD",
"id": "CVE-2019-0319"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-10T00:00:00",
"db": "VULHUB",
"id": "VHN-140350"
},
{
"date": "2019-07-09T00:00:00",
"db": "BID",
"id": "109074"
},
{
"date": "2019-07-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006514"
},
{
"date": "2019-07-16T02:22:22",
"db": "PACKETSTORM",
"id": "153661"
},
{
"date": "2019-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-462"
},
{
"date": "2019-07-10T19:15:10.220000",
"db": "NVD",
"id": "CVE-2019-0319"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-140350"
},
{
"date": "2019-07-09T00:00:00",
"db": "BID",
"id": "109074"
},
{
"date": "2019-07-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006514"
},
{
"date": "2020-06-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-462"
},
{
"date": "2024-11-21T04:16:40.700000",
"db": "NVD",
"id": "CVE-2019-0319"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-462"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Gateway Vulnerability in injection",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006514"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-462"
}
],
"trust": 0.6
}
}
CVE-2021-21476 (GCVE-0-2021-21476)
Vulnerability from nvd – Published: 2021-02-09 20:44 – Updated: 2024-08-03 18:16
VLAI?
Summary
SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
Severity ?
4.7 (Medium)
CWE
- Tabnabbing
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3014303"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP UI5",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 1.38.49"
},
{
"status": "affected",
"version": "\u003c 1.52.49"
},
{
"status": "affected",
"version": "\u003c 1.60.34"
},
{
"status": "affected",
"version": "\u003c 1.71.31"
},
{
"status": "affected",
"version": "\u003c 1.78.18"
},
{
"status": "affected",
"version": "\u003c 1.84.5"
},
{
"status": "affected",
"version": "\u003c 1.85.4"
},
{
"status": "affected",
"version": "\u003c 1.86.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Tabnabbing",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-03T15:55:27",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3014303"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-21476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP UI5",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "1.38.49"
},
{
"version_name": "\u003c",
"version_value": "1.52.49"
},
{
"version_name": "\u003c",
"version_value": "1.60.34"
},
{
"version_name": "\u003c",
"version_value": "1.71.31"
},
{
"version_name": "\u003c",
"version_value": "1.78.18"
},
{
"version_name": "\u003c",
"version_value": "1.84.5"
},
{
"version_name": "\u003c",
"version_value": "1.85.4"
},
{
"version_name": "\u003c",
"version_value": "1.86.1"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities."
}
]
},
"impact": {
"cvss": {
"baseScore": "4.7",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Tabnabbing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
},
{
"name": "https://launchpad.support.sap.com/#/notes/3014303",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3014303"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-21476",
"datePublished": "2021-02-09T20:44:32",
"dateReserved": "2020-12-30T00:00:00",
"dateUpdated": "2024-08-03T18:16:22.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0319 (GCVE-0-2019-0319)
Vulnerability from nvd – Published: 2019-07-10 18:51 – Updated: 2024-08-04 17:44
VLAI?
Summary
The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not.
Severity ?
No CVSS data available.
CWE
- Content Injection
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP Gateway |
Affected:
< 7.5
Affected: < 7.51 Affected: < 7.52 Affected: < 7.53 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:44:16.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "109074",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/109074"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2752614"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cxsecurity.com/ascii/WLB-2019050283"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2911267"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Gateway",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 7.5"
},
{
"status": "affected",
"version": "\u003c 7.51"
},
{
"status": "affected",
"version": "\u003c 7.52"
},
{
"status": "affected",
"version": "\u003c 7.53"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it\u0027s not."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Content Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-09T12:46:08",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"name": "109074",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/109074"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2752614"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cxsecurity.com/ascii/WLB-2019050283"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2911267"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2019-0319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Gateway",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "7.5"
},
{
"version_name": "\u003c",
"version_value": "7.51"
},
{
"version_name": "\u003c",
"version_value": "7.52"
},
{
"version_name": "\u003c",
"version_value": "7.53"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it\u0027s not."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Content Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "109074",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109074"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2752614",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2752614"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575"
},
{
"name": "https://cxsecurity.com/ascii/WLB-2019050283",
"refsource": "MISC",
"url": "https://cxsecurity.com/ascii/WLB-2019050283"
},
{
"name": "https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f",
"refsource": "MISC",
"url": "https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f"
},
{
"name": "http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2911267",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2911267"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2019-0319",
"datePublished": "2019-07-10T18:51:55",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:44:16.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2424 (GCVE-0-2018-2424)
Vulnerability from nvd – Published: 2018-06-12 15:00 – Updated: 2024-08-05 04:21
VLAI?
Summary
SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00
Severity ?
9.8 (Critical)
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SAP SE | SAP HANA Database |
Affected:
1.0
Affected: 2.0 |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:33.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"name": "104459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104459"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP HANA Database",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "SAP UI5",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
},
{
"product": "SAP UI5(Java)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.31"
},
{
"status": "affected",
"version": "7.40"
},
{
"status": "affected",
"version": "7.50"
}
]
},
{
"product": "SAP UI",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.40"
},
{
"status": "affected",
"version": "7.50"
},
{
"status": "affected",
"version": "7.51"
},
{
"status": "affected",
"version": "7.52"
}
]
},
{
"product": "SAP UI for SAP NetWeaver 7.00",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"datePublic": "2018-06-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-15T09:57:01",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"name": "104459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104459"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2424",
"STATE": "PUBLIC",
"vendor_name": "SAP SE"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP HANA Database",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
},
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "SAP UI5",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
},
{
"product_name": "SAP UI5(Java)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.3"
},
{
"version_affected": "=",
"version_value": "7.31"
},
{
"version_affected": "=",
"version_value": "7.40"
},
{
"version_affected": "=",
"version_value": "7.50"
}
]
}
},
{
"product_name": "SAP UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.40"
},
{
"version_affected": "=",
"version_value": "7.50"
},
{
"version_affected": "=",
"version_value": "7.51"
},
{
"version_affected": "=",
"version_value": "7.52"
}
]
}
},
{
"product_name": "SAP UI for SAP NetWeaver 7.00",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2538856",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"name": "104459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104459"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2018-2424",
"datePublished": "2018-06-12T15:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-08-05T04:21:33.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21476 (GCVE-0-2021-21476)
Vulnerability from cvelistv5 – Published: 2021-02-09 20:44 – Updated: 2024-08-03 18:16
VLAI?
Summary
SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
Severity ?
4.7 (Medium)
CWE
- Tabnabbing
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3014303"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP UI5",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 1.38.49"
},
{
"status": "affected",
"version": "\u003c 1.52.49"
},
{
"status": "affected",
"version": "\u003c 1.60.34"
},
{
"status": "affected",
"version": "\u003c 1.71.31"
},
{
"status": "affected",
"version": "\u003c 1.78.18"
},
{
"status": "affected",
"version": "\u003c 1.84.5"
},
{
"status": "affected",
"version": "\u003c 1.85.4"
},
{
"status": "affected",
"version": "\u003c 1.86.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Tabnabbing",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-03T15:55:27",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3014303"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-21476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP UI5",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "1.38.49"
},
{
"version_name": "\u003c",
"version_value": "1.52.49"
},
{
"version_name": "\u003c",
"version_value": "1.60.34"
},
{
"version_name": "\u003c",
"version_value": "1.71.31"
},
{
"version_name": "\u003c",
"version_value": "1.78.18"
},
{
"version_name": "\u003c",
"version_value": "1.84.5"
},
{
"version_name": "\u003c",
"version_value": "1.85.4"
},
{
"version_name": "\u003c",
"version_value": "1.86.1"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities."
}
]
},
"impact": {
"cvss": {
"baseScore": "4.7",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Tabnabbing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
},
{
"name": "https://launchpad.support.sap.com/#/notes/3014303",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3014303"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-21476",
"datePublished": "2021-02-09T20:44:32",
"dateReserved": "2020-12-30T00:00:00",
"dateUpdated": "2024-08-03T18:16:22.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0319 (GCVE-0-2019-0319)
Vulnerability from cvelistv5 – Published: 2019-07-10 18:51 – Updated: 2024-08-04 17:44
VLAI?
Summary
The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not.
Severity ?
No CVSS data available.
CWE
- Content Injection
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP Gateway |
Affected:
< 7.5
Affected: < 7.51 Affected: < 7.52 Affected: < 7.53 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:44:16.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "109074",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/109074"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2752614"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cxsecurity.com/ascii/WLB-2019050283"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2911267"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Gateway",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 7.5"
},
{
"status": "affected",
"version": "\u003c 7.51"
},
{
"status": "affected",
"version": "\u003c 7.52"
},
{
"status": "affected",
"version": "\u003c 7.53"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it\u0027s not."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Content Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-09T12:46:08",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"name": "109074",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/109074"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2752614"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cxsecurity.com/ascii/WLB-2019050283"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2911267"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2019-0319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Gateway",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "7.5"
},
{
"version_name": "\u003c",
"version_value": "7.51"
},
{
"version_name": "\u003c",
"version_value": "7.52"
},
{
"version_name": "\u003c",
"version_value": "7.53"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it\u0027s not."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Content Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "109074",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109074"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2752614",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2752614"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575"
},
{
"name": "https://cxsecurity.com/ascii/WLB-2019050283",
"refsource": "MISC",
"url": "https://cxsecurity.com/ascii/WLB-2019050283"
},
{
"name": "https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f",
"refsource": "MISC",
"url": "https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f"
},
{
"name": "http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2911267",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2911267"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2019-0319",
"datePublished": "2019-07-10T18:51:55",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:44:16.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2424 (GCVE-0-2018-2424)
Vulnerability from cvelistv5 – Published: 2018-06-12 15:00 – Updated: 2024-08-05 04:21
VLAI?
Summary
SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00
Severity ?
9.8 (Critical)
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SAP SE | SAP HANA Database |
Affected:
1.0
Affected: 2.0 |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:33.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"name": "104459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104459"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP HANA Database",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "SAP UI5",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
},
{
"product": "SAP UI5(Java)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.31"
},
{
"status": "affected",
"version": "7.40"
},
{
"status": "affected",
"version": "7.50"
}
]
},
{
"product": "SAP UI",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.40"
},
{
"status": "affected",
"version": "7.50"
},
{
"status": "affected",
"version": "7.51"
},
{
"status": "affected",
"version": "7.52"
}
]
},
{
"product": "SAP UI for SAP NetWeaver 7.00",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"datePublic": "2018-06-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-15T09:57:01",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"name": "104459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104459"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2424",
"STATE": "PUBLIC",
"vendor_name": "SAP SE"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP HANA Database",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
},
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "SAP UI5",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
},
{
"product_name": "SAP UI5(Java)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.3"
},
{
"version_affected": "=",
"version_value": "7.31"
},
{
"version_affected": "=",
"version_value": "7.40"
},
{
"version_affected": "=",
"version_value": "7.50"
}
]
}
},
{
"product_name": "SAP UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.40"
},
{
"version_affected": "=",
"version_value": "7.50"
},
{
"version_affected": "=",
"version_value": "7.51"
},
{
"version_affected": "=",
"version_value": "7.52"
}
]
}
},
{
"product_name": "SAP UI for SAP NetWeaver 7.00",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2538856",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"name": "104459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104459"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2018-2424",
"datePublished": "2018-06-12T15:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-08-05T04:21:33.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}