Sign-up

ID

VAR-201404-0501


CVE

CVE-2014-0984


TITLE

SAProuter Information Disclosure Vulnerability

Trust: 0.8

sources: IVD: 7593d75a-1edc-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-02529

DESCRIPTION

The passwordCheck function in SAP Router 721 patch 117, 720 patch 411, 710 patch 029, and earlier terminates validation of a Route Permission Table entry password upon encountering the first incorrect character, which allows remote attackers to obtain passwords via a brute-force attack that relies on timing differences in responses to incorrect password guesses, aka a timing side-channel attack. SAProuter is an SAP program that protects your SAP network from unauthorized access behavior. There is an information disclosure vulnerability in SAProuter. Allows an attacker to recover the privilege password of the plaintext routing table by exploiting a timed attack. SAProuter is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. There is a security vulnerability in the 'passwordCheck' function of SAP Router 721 patch 117, 720 patch 411 and 710 patch 029

Trust: 2.79

sources: NVD: CVE-2014-0984 // JVNDB: JVNDB-2014-002173 // CNVD: CNVD-2014-02529 // BID: 66938 // IVD: 7593d75a-1edc-11e6-abef-000c29c66e3d // VULHUB: VHN-68477 // VULMON: CVE-2014-0984

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 7593d75a-1edc-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-02529

AFFECTED PRODUCTS

vendor:sapmodel:routerscope:eqversion:710

Trust: 1.6

vendor:sapmodel:routerscope:eqversion:721

Trust: 1.6

vendor:sapmodel:routerscope:eqversion:720

Trust: 1.6

vendor:sapmodel:network interface routerscope:lteversion:(saprouter) 710 patch 029

Trust: 0.8

vendor:sapmodel:network interface routerscope:eqversion:(saprouter) 720 patch 411

Trust: 0.8

vendor:sapmodel:network interface routerscope:eqversion:(saprouter) 721 patch 117

Trust: 0.8

vendor:sapmodel:saprouter patch levelscope:eqversion:721117

Trust: 0.6

vendor:sapmodel:saprouter patch levelscope:eqversion:720411

Trust: 0.6

vendor:sapmodel:saprouter patch levelscope:eqversion:710029

Trust: 0.6

vendor:sapmodel:saprouter release patch lescope:eqversion:721

Trust: 0.3

vendor:sapmodel:saprouter release patch lescope:eqversion:720

Trust: 0.3

vendor:sapmodel:saprouter release patch lescope:eqversion:710

Trust: 0.3

vendor:routermodel: - scope:eqversion:710

Trust: 0.2

vendor:routermodel: - scope:eqversion:720

Trust: 0.2

vendor:routermodel: - scope:eqversion:721

Trust: 0.2

sources: IVD: 7593d75a-1edc-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-02529 // BID: 66938 // JVNDB: JVNDB-2014-002173 // CNNVD: CNNVD-201404-362 // NVD: CVE-2014-0984

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-0984
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-0984
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2014-02529
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201404-362
value: MEDIUM

Trust: 0.6

IVD: 7593d75a-1edc-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-68477
value: MEDIUM

Trust: 0.1

VULMON: CVE-2014-0984
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-0984
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2014-02529
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7593d75a-1edc-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-68477
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 7593d75a-1edc-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-02529 // VULHUB: VHN-68477 // VULMON: CVE-2014-0984 // JVNDB: JVNDB-2014-002173 // CNNVD: CNNVD-201404-362 // NVD: CVE-2014-0984

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-68477 // JVNDB: JVNDB-2014-002173 // NVD: CVE-2014-0984

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-362

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201404-362

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-002173

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-68477 // 
            
            
            
            VULMON: CVE-2014-0984

PATCH
title:SAP Security Note 1986895url:http://scn.sap.com/docs/DOC-8218
Trust: 0.8
title:Patch for SAProuter Information Disclosure Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/45053
Trust: 0.6
title:martingalloarurl:https://github.com/martingalloar/martingalloar 
Trust: 0.1
title:publicationsurl:https://github.com/martingalloar/publications 
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-02529 // 
            
            
            
            VULMON: CVE-2014-0984 // 
            
            
            
            JVNDB: JVNDB-2014-002173

EXTERNAL IDS
db:NVDid:CVE-2014-0984
Trust: 3.7
db:SECUNIAid:57993
Trust: 1.2
db:EXPLOIT-DBid:32919
Trust: 1.2
db:BIDid:66938
Trust: 1.0
db:CNNVDid:CNNVD-201404-362
Trust: 0.9
db:CNVDid:CNVD-2014-02529
Trust: 0.8
db:JVNDBid:JVNDB-2014-002173
Trust: 0.8
db:OSVDBid:105967
Trust: 0.6
db:BUGTRAQid:20140416 [CORE-2014-0003] - SAP ROUTER PASSWORD TIMING ATTACK
Trust: 0.6
db:IVDid:7593D75A-1EDC-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:SEEBUGid:SSVID-86180
Trust: 0.1
db:PACKETSTORMid:126194
Trust: 0.1
db:VULHUBid:VHN-68477
Trust: 0.1
db:VULMONid:CVE-2014-0984
Trust: 0.1
sources:
            
            
            IVD: 7593d75a-1edc-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2014-02529 // 
            
            
            
            VULHUB: VHN-68477 // 
            
            
            
            VULMON: CVE-2014-0984 // 
            
            
            
            BID: 66938 // 
            
            
            
            JVNDB: JVNDB-2014-002173 // 
            
            
            
            CNNVD: CNNVD-201404-362 // 
            
            
            
            NVD: CVE-2014-0984

REFERENCES
url:http://www.coresecurity.com/advisories/sap-router-password-timing-attack
Trust: 2.6
url:http://scn.sap.com/docs/doc-8218
Trust: 1.8
url:https://service.sap.com/sap/support/notes/1986895
Trust: 1.8
url:http://www.securityfocus.com/archive/1/531854/100/0/threaded
Trust: 1.2
url:http://www.exploit-db.com/exploits/32919
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0984
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0984
Trust: 0.8
url:http://secunia.com/advisories/57993/
Trust: 0.6
url:http://osvdb.com/show/osvdb/105967
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/531854/100/0/threaded
Trust: 0.6
url:http://secunia.com/advisories/57993
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/264.html
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=33846
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.exploit-db.com/exploits/32919/
Trust: 0.1
url:https://github.com/martingalloar/martingalloar
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-02529 // 
            
            
            
            VULHUB: VHN-68477 // 
            
            
            
            VULMON: CVE-2014-0984 // 
            
            
            
            JVNDB: JVNDB-2014-002173 // 
            
            
            
            CNNVD: CNNVD-201404-362 // 
            
            
            
            NVD: CVE-2014-0984

CREDITS
Martin Gallo from Core Security Consulting Services
Trust: 0.3
sources:
            
            
            BID: 66938

SOURCES
db:IVDid:7593d75a-1edc-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2014-02529
db:VULHUBid:VHN-68477
db:VULMONid:CVE-2014-0984
db:BIDid:66938
db:JVNDBid:JVNDB-2014-002173
db:CNNVDid:CNNVD-201404-362
db:NVDid:CVE-2014-0984

LAST UPDATE DATE
2024-11-23T22:18:37.585000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-02529date:2014-04-21T00:00:00
db:VULHUBid:VHN-68477date:2018-10-10T00:00:00
db:VULMONid:CVE-2014-0984date:2018-10-10T00:00:00
db:BIDid:66938date:2014-04-16T00:00:00
db:JVNDBid:JVNDB-2014-002173date:2014-04-22T00:00:00
db:CNNVDid:CNNVD-201404-362date:2014-04-22T00:00:00
db:NVDid:CVE-2014-0984date:2024-11-21T02:03:09.590

SOURCES RELEASE DATE
db:IVDid:7593d75a-1edc-11e6-abef-000c29c66e3ddate:2014-04-21T00:00:00
db:CNVDid:CNVD-2014-02529date:2014-04-21T00:00:00
db:VULHUBid:VHN-68477date:2014-04-17T00:00:00
db:VULMONid:CVE-2014-0984date:2014-04-17T00:00:00
db:BIDid:66938date:2014-04-16T00:00:00
db:JVNDBid:JVNDB-2014-002173date:2014-04-22T00:00:00
db:CNNVDid:CNNVD-201404-362date:2014-04-22T00:00:00
db:NVDid:CVE-2014-0984date:2014-04-17T14:55:08.857