ID
VAR-201108-0303
TITLE
SAP NetWeaver 'EPS_DELETE_FILE' Arbitrary File Removal Vulnerability
Trust: 0.6
DESCRIPTION
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The \"EPS_DELETE_FILE\" function has an input validation error, and an attacker submits a directory traversal sequence request to delete any file. To successfully exploit the vulnerability you need access to the default SAP account TMSADM or SAPCPIC. ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SAP NetWeaver "EPS_DELETE_FILE" Arbitrary File Deletion Vulnerability SECUNIA ADVISORY ID: SA45715 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45715/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45715 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45715/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45715/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45715 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Alexey Sintsov has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious users to manipulate certain data. TMSADM or SAPCPIC. SOLUTION: Apply fixes. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: Alexey Sintsov, Digital Security Research Group (DSecRG). ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1554030 Digital Security Research Group: http://dsecrg.com/pages/vul/show.php?id=331 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
Trust: 0.81
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.8 |
AFFECTED PRODUCTS
| vendor: | sap | model: | netweaver | scope: | eq | version: | 7.x | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
TYPE
Permission permission and access control
Trust: 0.2
PATCH
| title: | SAP NetWeaver 'EPS_DELETE_FILE' patch for arbitrary file removal vulnerability | url: | https://www.cnvd.org.cn/patchinfo/show/4907 | Trust: 0.6 |
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2011-3380 | Trust: 0.8 |
| db: | SECUNIA | id: | 45715 | Trust: 0.7 |
| db: | IVD | id: | C4AD916A-1F8A-11E6-ABEF-000C29C66E3D | Trust: 0.2 |
| db: | PACKETSTORM | id: | 104507 | Trust: 0.1 |
REFERENCES
| url: | http://secunia.com/advisories/45715/http | Trust: 0.6 |
| url: | http://secunia.com/vulnerability_intelligence/ | Trust: 0.1 |
| url: | http://secunia.com/blog/242 | Trust: 0.1 |
| url: | http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ | Trust: 0.1 |
| url: | http://secunia.com/advisories/secunia_security_advisories/ | Trust: 0.1 |
| url: | http://secunia.com/advisories/45715/#comments | Trust: 0.1 |
| url: | http://secunia.com/advisories/45715/ | Trust: 0.1 |
| url: | http://secunia.com/vulnerability_scanning/personal/ | Trust: 0.1 |
| url: | http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org | Trust: 0.1 |
| url: | https://service.sap.com/sap/support/notes/1554030 | Trust: 0.1 |
| url: | http://dsecrg.com/pages/vul/show.php?id=331 | Trust: 0.1 |
| url: | https://ca.secunia.com/?page=viewadvisory&vuln_id=45715 | Trust: 0.1 |
| url: | http://secunia.com/advisories/about_secunia_advisories/ | Trust: 0.1 |
CREDITS
Secunia
Trust: 0.1
SOURCES
| db: | IVD | id: | c4ad916a-1f8a-11e6-abef-000c29c66e3d |
| db: | CNVD | id: | CNVD-2011-3380 |
| db: | PACKETSTORM | id: | 104507 |
LAST UPDATE DATE
2022-05-17T22:46:29.008000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2011-3380 | date: | 2011-08-29T00:00:00 |
SOURCES RELEASE DATE
| db: | IVD | id: | c4ad916a-1f8a-11e6-abef-000c29c66e3d | date: | 2011-08-29T00:00:00 |
| db: | CNVD | id: | CNVD-2011-3380 | date: | 2011-08-29T00:00:00 |
| db: | PACKETSTORM | id: | 104507 | date: | 2011-08-27T06:04:08 |