ID
VAR-201604-0102
CVE
CVE-2016-3974
TITLE
SAP NetWeaver Java AS of Configuration Wizard In XML External entity vulnerabilities
Trust: 0.8
DESCRIPTION
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~webservice~web/ServerNodesWSService, aka SAP Security Note 2235994. Vendors have confirmed this vulnerability SAP Security Note 2235994 It is released as. Supplementary information : CWE Vulnerability type by CWE-611: Improper Restriction of XML External Entity Reference ('XXE') (XML Inappropriate restrictions on external entity references ) Has been identified. Attackers can exploit this issue to obtain potentially sensitive information or cause a denial-of-service condition. This may lead to further attacks
Trust: 1.89
AFFECTED PRODUCTS
| vendor: | sap | model: | netweaver application server java | scope: | lte | version: | 7.50 | Trust: 1.0 |
| vendor: | sap | model: | netweaver application server java | scope: | gte | version: | 7.10 | Trust: 1.0 |
| vendor: | sap | model: | netweaver | scope: | eq | version: | 7.4 | Trust: 0.8 |
| vendor: | sap | model: | netweaver | scope: | eq | version: | 7.40 | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-611 | Trust: 1.0 |
| problemtype: | CWE-Other | Trust: 0.8 |
THREAT TYPE
remote
Trust: 0.6
TYPE
code problem
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | SAP Security Note 2235994 | url: | http://scn.sap.com/docs/DOC-55451 | Trust: 0.8 |
| title: | SAP NetWeaver AS Java Configuration Wizard XML Fixes for external entity vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60826 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2016-3974 | Trust: 2.7 |
| db: | EXPLOIT-DB | id: | 39995 | Trust: 1.6 |
| db: | PACKETSTORM | id: | 137527 | Trust: 1.6 |
| db: | JVNDB | id: | JVNDB-2016-002001 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201604-095 | Trust: 0.6 |
| db: | BID | id: | 85944 | Trust: 0.3 |
REFERENCES
| url: | http://packetstormsecurity.com/files/137527/sap-netweaver-as-java-7.5-xxe-injection.html | Trust: 1.6 |
| url: | https://erpscan.io/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe/ | Trust: 1.6 |
| url: | https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/ | Trust: 1.6 |
| url: | https://www.exploit-db.com/exploits/39995/ | Trust: 1.6 |
| url: | http://seclists.org/fulldisclosure/2016/jun/41 | Trust: 1.6 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3974 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3974 | Trust: 0.8 |
| url: | https://erpscan.com/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe/ | Trust: 0.8 |
| url: | http://www.sap.com | Trust: 0.3 |
CREDITS
Vahagn Vardanyan from ERPScan.
Trust: 0.3
SOURCES
| db: | BID | id: | 85944 |
| db: | JVNDB | id: | JVNDB-2016-002001 |
| db: | CNNVD | id: | CNNVD-201604-095 |
| db: | NVD | id: | CVE-2016-3974 |
LAST UPDATE DATE
2024-11-23T23:05:36.247000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 85944 | date: | 2016-03-08T00:00:00 |
| db: | JVNDB | id: | JVNDB-2016-002001 | date: | 2016-04-13T00:00:00 |
| db: | CNNVD | id: | CNNVD-201604-095 | date: | 2021-04-22T00:00:00 |
| db: | NVD | id: | CVE-2016-3974 | date: | 2024-11-21T02:51:03.880 |
SOURCES RELEASE DATE
| db: | BID | id: | 85944 | date: | 2016-03-08T00:00:00 |
| db: | JVNDB | id: | JVNDB-2016-002001 | date: | 2016-04-13T00:00:00 |
| db: | CNNVD | id: | CNNVD-201604-095 | date: | 2016-04-08T00:00:00 |
| db: | NVD | id: | CVE-2016-3974 | date: | 2016-04-07T19:59:05.240 |