VAR-201107-0311
Vulnerability from variot - Updated: 2022-05-17 02:06A security vulnerability exists in SAP NetWeaver that is passed to the CIDXBTDDump.jsp in the Ispeak Details Monitoring application (com.sap.aii.af.ispeak.app). The input to the BTDDump.jsp and RNIF11BTDDump.jsp script \"txtBtdID\" parameters is missing before returning to the user. Filtering can lead to cross-site scripting attacks. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has security vulnerabilities. Business Communication Broker does not properly restrict the use of certain functions. Attackers can exploit vulnerabilities to obtain sensitive information such as J2EE patch levels and internal IP addresses. When processing the tag of a SOAP-RFC request, the XML parser has an integer overflow error. The attacker can exploit the vulnerability to terminate the disp+work.exe service, causing a denial of service attack. An attacker may leverage the issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, or cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201107-0311",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.10*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.30*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.02*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.01*"
}
],
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov, Dmitriy Evdokimov, and Alexey Sintsov from DSecRG",
"sources": [
{
"db": "BID",
"id": "48718"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A security vulnerability exists in SAP NetWeaver that is passed to the CIDXBTDDump.jsp in the Ispeak Details Monitoring application (com.sap.aii.af.ispeak.app). The input to the BTDDump.jsp and RNIF11BTDDump.jsp script \\\"txtBtdID\\\" parameters is missing before returning to the user. Filtering can lead to cross-site scripting attacks. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has security vulnerabilities. Business Communication Broker does not properly restrict the use of certain functions. Attackers can exploit vulnerabilities to obtain sensitive information such as J2EE patch levels and internal IP addresses. When processing the tag of a SOAP-RFC request, the XML parser has an integer overflow error. The attacker can exploit the vulnerability to terminate the disp+work.exe service, causing a denial of service attack. \nAn attacker may leverage the issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, or cause denial-of-service conditions",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
},
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "48718",
"trust": 2.1
},
{
"db": "CNVD",
"id": "CNVD-2011-2735",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-2737",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-2739",
"trust": 0.8
},
{
"db": "IVD",
"id": "2CA34F36-1F8F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "56F6D208-1F8F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "539F900E-1F8F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
}
]
},
"id": "VAR-201107-0311",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
}
],
"trust": 2.8925504733333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 2.4
}
],
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
}
]
},
"last_update_date": "2022-05-17T02:06:03.945000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP Netweaver Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4438"
},
{
"title": "Patch for SAP Netweaver Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4437"
},
{
"title": "Patch for SAP Netweaver Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4440"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=328"
},
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=327"
},
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=329"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-20T00:00:00",
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-07-20T00:00:00",
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-07-20T00:00:00",
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"date": "2011-07-19T00:00:00",
"db": "BID",
"id": "48718"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"date": "2011-07-19T00:00:00",
"db": "BID",
"id": "48718"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "48718"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "48718"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…