Details of VAR-201602-0121

ID

VAR-201602-0121

CVE

CVE-2016-2389

TITLE

SAP NetWeaver Vulnerable to directory traversal

Trust: 0.8

sources: JVNDB: JVNDB-2016-001579

DESCRIPTION

Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978

Trust: 1.71

sources: NVD: CVE-2016-2389 // JVNDB: JVNDB-2016-001579 // VULMON: CVE-2016-2389

AFFECTED PRODUCTS

vendor:	sap	model:	netweaver	scope:	eq	version:	7.40	Trust: 1.6
vendor:	sap	model:	netweaver	scope:	eq	version:	7.4	Trust: 0.8

sources: JVNDB: JVNDB-2016-001579 // CNNVD: CNNVD-201602-299 // NVD: CVE-2016-2389

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-2389
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-2389
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201602-299
value:	HIGH
Trust: 0.6
VULMON:	CVE-2016-2389
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-2389
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2016-2389
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.0

sources: VULMON: CVE-2016-2389 // JVNDB: JVNDB-2016-001579 // CNNVD: CNNVD-201602-299 // NVD: CVE-2016-2389

PROBLEMTYPE DATA

problemtype:

CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2016-001579 // NVD: CVE-2016-2389

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201602-299

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201602-299

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-001579

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2016-2389

PATCH

title:	SAP Security Note 2230978	url:	http://scn.sap.com/docs/DOC-55451	Trust: 0.8
title:	SAP NetWeaver Manufacturing Integration and Intelligence Fixes for directory traversal vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60235	Trust: 0.6
title:	Kenzer Templates [5170] [DEPRECATED]	url:	https://github.com/ARPSyndicate/kenzer-templates	Trust: 0.1

sources: VULMON: CVE-2016-2389 // JVNDB: JVNDB-2016-001579 // CNNVD: CNNVD-201602-299

EXTERNAL IDS

db:	NVD	id:	CVE-2016-2389	Trust: 2.5
db:	EXPLOIT-DB	id:	39837	Trust: 1.1
db:	PACKETSTORM	id:	137046	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-001579	Trust: 0.8
db:	CNNVD	id:	CNNVD-201602-299	Trust: 0.6
db:	VULMON	id:	CVE-2016-2389	Trust: 0.1

sources: VULMON: CVE-2016-2389 // JVNDB: JVNDB-2016-001579 // CNNVD: CNNVD-201602-299 // NVD: CVE-2016-2389

REFERENCES

url:	https://erpscan.com/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/	Trust: 1.4
url:	https://erpscan.com/press-center/blog/sap-security-notes-february-2016-review/	Trust: 1.4
url:	https://www.exploit-db.com/exploits/39837/	Trust: 1.2
url:	http://packetstormsecurity.com/files/137046/sap-mii-15.0-directory-traversal.html	Trust: 1.1
url:	http://seclists.org/fulldisclosure/2016/may/40	Trust: 1.1
url:	https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/	Trust: 1.1
url:	https://erpscan.io/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2389	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2389	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/22.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/arpsyndicate/kenzer-templates	Trust: 0.1

sources: VULMON: CVE-2016-2389 // JVNDB: JVNDB-2016-001579 // CNNVD: CNNVD-201602-299 // NVD: CVE-2016-2389

SOURCES

db:	VULMON	id:	CVE-2016-2389
db:	JVNDB	id:	JVNDB-2016-001579
db:	CNNVD	id:	CNNVD-201602-299
db:	NVD	id:	CVE-2016-2389

LAST UPDATE DATE

2024-11-23T23:12:36.771000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2016-2389	date:	2018-12-10T00:00:00
db:	JVNDB	id:	JVNDB-2016-001579	date:	2016-03-04T00:00:00
db:	CNNVD	id:	CNNVD-201602-299	date:	2016-02-17T00:00:00
db:	NVD	id:	CVE-2016-2389	date:	2024-11-21T02:48:22.307

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2016-2389	date:	2016-02-16T00:00:00
db:	JVNDB	id:	JVNDB-2016-001579	date:	2016-03-04T00:00:00
db:	CNNVD	id:	CNNVD-201602-299	date:	2016-02-17T00:00:00
db:	NVD	id:	CVE-2016-2389	date:	2016-02-16T15:59:03.023