VAR-190001-0066
Vulnerability from variot - Updated: 2022-05-17 01:55SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There are several security vulnerabilities in SAP NetWeaver, including: (1) There are errors in the access control processing of some resources, which can be utilized to obtain the Runtime Workbench resources. (2) The access restriction implementation provides a \"PFL_CHECK_OS_FILE_EXISTENCE\" function with an error that can be exploited to enumerate system files. (3) Passing the \"TXVDestination\" parameter to TextContainerAdmin/administration_setup.jsp, the input of the \"ValueIndustry\", \"ValueRegion\" and \"ValueExtension\" parameters passed to the system_context_settings.jsp script is not filtered before being displayed to the user, which can result in injecting arbitrary HTML and Script code. (4) Inputs passed to bcbadmSettings.jsp via the \"cc0Host\", \"cc0Id\", \"cc0Path\", \"cc0Port\" and \"cc0Protocol\" parameters are not filtered before being returned to the user and can be exploited to execute arbitrary HTML and script code. SAP NetWeaver is prone to multiple cross-site scripting vulnerabilities, multiple HTML-injection vulnerabilities, a security-bypass vulnerability, and an information-disclosure vulnerability. Attackers can exploit these issues to execute arbitrary script code in the context of the website, steal cookie-based authentication information, disclose sensitive information, or bypass certain security restrictions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-190001-0066",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver rwb",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver business communication broker",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver text container administration application sp1 pat",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver sp6",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver text container administration application sp1 pat",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.200"
},
{
"model": "netweaver sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.020"
},
{
"model": "netweaver text container administration application sp1 pat",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.20*"
},
{
"model": "netweaver rwb",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "0*"
},
{
"model": "netweaver business communication broker",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "0*"
},
{
"model": "netweaver sp6",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.02*"
}
],
"sources": [
{
"db": "IVD",
"id": "4b0c87bc-1f76-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0405"
},
{
"db": "BID",
"id": "51645"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov, Alexey Tuyrin, Neyolov Evgeny and Dmitriy Evdokimov of DSecRG",
"sources": [
{
"db": "BID",
"id": "51645"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-014"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "4b0c87bc-1f76-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "4b0c87bc-1f76-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "4b0c87bc-1f76-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There are several security vulnerabilities in SAP NetWeaver, including: (1) There are errors in the access control processing of some resources, which can be utilized to obtain the Runtime Workbench resources. (2) The access restriction implementation provides a \\\"PFL_CHECK_OS_FILE_EXISTENCE\\\" function with an error that can be exploited to enumerate system files. (3) Passing the \\\"TXVDestination\\\" parameter to TextContainerAdmin/administration_setup.jsp, the input of the \\\"ValueIndustry\\\", \\\"ValueRegion\\\" and \\\"ValueExtension\\\" parameters passed to the system_context_settings.jsp script is not filtered before being displayed to the user, which can result in injecting arbitrary HTML and Script code. (4) Inputs passed to bcbadmSettings.jsp via the \\\"cc0Host\\\", \\\"cc0Id\\\", \\\"cc0Path\\\", \\\"cc0Port\\\" and \\\"cc0Protocol\\\" parameters are not filtered before being returned to the user and can be exploited to execute arbitrary HTML and script code. SAP NetWeaver is prone to multiple cross-site scripting vulnerabilities, multiple HTML-injection vulnerabilities, a security-bypass vulnerability, and an information-disclosure vulnerability. \nAttackers can exploit these issues to execute arbitrary script code in the context of the website, steal cookie-based authentication information, disclose sensitive information, or bypass certain security restrictions",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0405"
},
{
"db": "BID",
"id": "51645"
},
{
"db": "IVD",
"id": "4b0c87bc-1f76-11e6-abef-000c29c66e3d"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "51645",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2012-0405",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201202-014",
"trust": 0.6
},
{
"db": "IVD",
"id": "4B0C87BC-1F76-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "4b0c87bc-1f76-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0405"
},
{
"db": "BID",
"id": "51645"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-014"
}
]
},
"id": "VAR-190001-0066",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "4b0c87bc-1f76-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0405"
}
],
"trust": 1.6333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "4b0c87bc-1f76-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0405"
}
]
},
"last_update_date": "2022-05-17T01:55:40.421000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver has multiple patches for remote vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/8652"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0405"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=408http"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/51645"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=408"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=409"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=410"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=411"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/1567389"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/1585652"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/1591146"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/1591749"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0405"
},
{
"db": "BID",
"id": "51645"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-014"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "4b0c87bc-1f76-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0405"
},
{
"db": "BID",
"id": "51645"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-014"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-03T00:00:00",
"db": "IVD",
"id": "4b0c87bc-1f76-11e6-abef-000c29c66e3d"
},
{
"date": "2012-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0405"
},
{
"date": "2012-01-24T00:00:00",
"db": "BID",
"id": "51645"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-014"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0405"
},
{
"date": "2012-01-25T21:30:00",
"db": "BID",
"id": "51645"
},
{
"date": "2012-02-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-014"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-014"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple remote vulnerabilities exist in SAP NetWeaver",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0405"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "51645"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…