Sign-up

ID

VAR-201302-0415


TITLE

SAP SMD agent Arbitrary Program Installation Execution Vulnerability

Trust: 0.8

sources: IVD: fd741566-1f33-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-01362

DESCRIPTION

SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP SMD agent provides an interface for listening to and processing the P4 protocol. It is a proprietary SAP protocol that allows you to obtain some version and configuration information for configuring installed programs and installing/removing applications

Trust: 0.72

sources: CNVD: CNVD-2013-01362 // IVD: fd741566-1f33-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: fd741566-1f33-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-01362

AFFECTED PRODUCTS

vendor:sapmodel:netweaverscope:eqversion:7.x

Trust: 0.6

vendor:sapmodel:ccms agentscope: - version: -

Trust: 0.6

vendor:sapmodel:netweaverscope:eqversion:7.x*

Trust: 0.2

vendor:sapmodel:ccms agent nullscope:eqversion:*

Trust: 0.2

sources: IVD: fd741566-1f33-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-01362

CVSS

SEVERITY

CVSSV2

CVSSV3

IVD: fd741566-1f33-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

IVD: fd741566-1f33-11e6-abef-000c29c66e3d
severity: NONE
baseScore: NONE
vectorString: NONE
accessVector: NONE
accessComplexity: NONE
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: UNKNOWN

Trust: 0.2

sources: IVD: fd741566-1f33-11e6-abef-000c29c66e3d

TYPE

Design error

Trust: 0.2

sources: IVD: fd741566-1f33-11e6-abef-000c29c66e3d

PATCH

title:SAP SMD agent arbitrary program to install patches for execution vulnerabilitiesurl:https://www.cnvd.org.cn/patchinfo/show/32385

Trust: 0.6

sources: CNVD: CNVD-2013-01362

EXTERNAL IDS

db:CNVDid:CNVD-2013-01362

Trust: 0.8

db:IVDid:FD741566-1F33-11E6-ABEF-000C29C66E3D

Trust: 0.2

sources: IVD: fd741566-1f33-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-01362

REFERENCES

url:http://archives.neohapsis.com/archives/bugtraq/2013-02/0134.html

Trust: 0.6

sources: CNVD: CNVD-2013-01362

SOURCES

db:IVDid:fd741566-1f33-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2013-01362

LAST UPDATE DATE

2022-05-17T02:02:35.534000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2013-01362date:2013-02-28T00:00:00

SOURCES RELEASE DATE

db:IVDid:fd741566-1f33-11e6-abef-000c29c66e3ddate:2013-02-28T00:00:00
db:CNVDid:CNVD-2013-01362date:2013-02-28T00:00:00