Details of VAR-201303-0440

ID

VAR-201303-0440

TITLE

SAP NetWeaver BAPI SMB Arbitrary File Disclosure Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2013-01891

DESCRIPTION

SAP NetWeaver is the technical foundation of SAP's integrated technology platform and all SAP applications since SAP Business Suite. When SAP NetWeaver processes SMB, there is an error in the BAPI function, which can cause any file on the SAP server file system to be leaked through the SMB relay attack. SAP NetWeaver is prone to an arbitrary file-disclosure vulnerability because it fails to properly sanitize user-supplied input before being used to read files. Remote attackers can exploit this issue to disclose arbitrary files in the context of the application. This may aid in further attacks. SAP NetWeaver 7.30 is vulnerable; other versions may also be affected

Trust: 0.99

sources: CNVD: CNVD-2013-01891 // BID: 58487 // IVD: 62a24538-1f30-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 62a24538-1f30-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-01891

AFFECTED PRODUCTS

vendor:	sap	model:	netweaver	scope:	eq	version:	7.3	Trust: 0.8
vendor:	sap	model:	netweaver	scope:	eq	version:	7.30	Trust: 0.3

sources: IVD: 62a24538-1f30-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-01891 // BID: 58487

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2013-01891
value:	MEDIUM
Trust: 0.6
IVD:	62a24538-1f30-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2

CNVD:	CNVD-2013-01891
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	62a24538-1f30-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: 62a24538-1f30-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-01891

THREAT TYPE

network

Trust: 0.3

sources: BID: 58487

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 58487

PATCH

title:

Patch for SAP NetWeaver BAPI SMB Arbitrary File Disclosure Vulnerability

url:

https://www.cnvd.org.cn/patchinfo/show/32937

Trust: 0.6

sources: CNVD: CNVD-2013-01891

EXTERNAL IDS

db:	BID	id:	58487	Trust: 0.9
db:	CNVD	id:	CNVD-2013-01891	Trust: 0.8
db:	SECUNIA	id:	52598	Trust: 0.6
db:	IVD	id:	62A24538-1F30-11E6-ABEF-000C29C66E3D	Trust: 0.2

sources: IVD: 62a24538-1f30-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-01891 // BID: 58487

REFERENCES

url:	http://secunia.com/advisories/52598/	Trust: 0.6
url:	http://erpscan.com/advisories/dsecrg-13-005-sap-netweaver-bapi-smb-relay-vulnerability/	Trust: 0.3
url:	http://www.sap.com/	Trust: 0.3
url:	https://websmp130.sap-ag.de/sap/support/notes/1446476	Trust: 0.3

sources: CNVD: CNVD-2013-01891 // BID: 58487

CREDITS

Nikolay Mescherin (ERPScan)

Trust: 0.3

sources: BID: 58487

SOURCES

db:	IVD	id:	62a24538-1f30-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2013-01891
db:	BID	id:	58487

LAST UPDATE DATE

2022-05-17T01:41:29.437000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-01891	date:	2013-05-27T00:00:00
db:	BID	id:	58487	date:	2013-02-20T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	62a24538-1f30-11e6-abef-000c29c66e3d	date:	2013-03-21T00:00:00
db:	CNVD	id:	CNVD-2013-01891	date:	2013-03-20T00:00:00
db:	BID	id:	58487	date:	2013-02-20T00:00:00