Sign-up

ID

VAR-201605-0004


CVE

CVE-2010-5326


TITLE

SAP Netweaver Invoker Servlet Remote code execution vulnerability

Trust: 1.7

sources: IVD: 39506c1a-1f8e-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-2905 // BID: 48925 // CNNVD: CNNVD-201107-453

DESCRIPTION

The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a "Detour" attack. Attacks on this vulnerability 2013 From 2016 Observed in year. This vulnerability "Detour" It is called an attack. Vendors have confirmed this vulnerability SAP Security Note 1445998 It is released as.By a third party HTTP Or HTTPS Arbitrary code may be executed via a request. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP Netweaver Invoker Servlet has a security vulnerability that allows an attacker to call any servlet even if it is declared in a web.xml file. This includes any servlet classes available in the application classloader, such as those in the WEB-INF\\classes, WEB-INF\\lib, and WEB-INF\\additinal-lib application directories. Multiple servlets included with Java applications are not designed for direct client access, but instead interact inside the application, thus causing arbitrary calls to be performed and invisible operations on the SAP server. An attacker may leverage this issue to execute arbitrary script code within the context of the affected application

Trust: 2.97

sources: NVD: CVE-2010-5326 // JVNDB: JVNDB-2016-002737 // CNVD: CNVD-2011-2905 // BID: 90533 // BID: 48925 // IVD: 39506c1a-1f8e-11e6-abef-000c29c66e3d // VULMON: CVE-2010-5326

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 39506c1a-1f8e-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-2905

AFFECTED PRODUCTS

vendor:sapmodel:netweaverscope:eqversion:7.30

Trust: 1.5

vendor:sapmodel:netweaverscope:eqversion:7.0

Trust: 1.1

vendor:sapmodel:netweaver application server javascope:lteversion:7.30

Trust: 1.0

vendor:sapmodel:netweaver sp15scope:eqversion:7.0

Trust: 0.9

vendor:sapmodel:netweaver sp8scope:eqversion:7.0

Trust: 0.9

vendor:sapmodel:netweaverscope:eqversion:7.10

Trust: 0.9

vendor:sapmodel:netweaverscope:eqversion:7.02

Trust: 0.9

vendor:sapmodel:netweaverscope:eqversion:7.01

Trust: 0.9

vendor:sapmodel:netweaver application server javascope:ltversion:7.3

Trust: 0.8

vendor:sapmodel:solution managerscope:eqversion:0

Trust: 0.3

vendor:sapmodel:supply chain managementscope:eqversion:0

Trust: 0.3

vendor:sapmodel:product lifecycle managementscope:eqversion:0

Trust: 0.3

vendor:sapmodel:netweaver composition environmentscope:eqversion:0

Trust: 0.3

vendor:sapmodel:exchange infrastructurescope:eqversion:0

Trust: 0.3

vendor:sapmodel:enterprise portalscope:eqversion:0

Trust: 0.3

vendor:sapmodel:netweaver sp15scope:eqversion:7.0*

Trust: 0.2

vendor:sapmodel:netweaver sp8scope:eqversion:7.0*

Trust: 0.2

vendor:sapmodel:netweaverscope:eqversion:7.10*

Trust: 0.2

vendor:sapmodel:netweaverscope:eqversion:7.30*

Trust: 0.2

vendor:sapmodel:netweaverscope:eqversion:7.02*

Trust: 0.2

vendor:sapmodel:netweaverscope:eqversion:7.01*

Trust: 0.2

sources: IVD: 39506c1a-1f8e-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-2905 // BID: 90533 // BID: 48925 // JVNDB: JVNDB-2016-002737 // CNNVD: CNNVD-201605-399 // NVD: CVE-2010-5326

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-5326
value: CRITICAL

Trust: 1.0

NVD: CVE-2010-5326
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201605-399
value: CRITICAL

Trust: 0.6

IVD: 39506c1a-1f8e-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

VULMON: CVE-2010-5326
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2010-5326
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

IVD: 39506c1a-1f8e-11e6-abef-000c29c66e3d
severity: NONE
baseScore: NONE
vectorString: NONE
accessVector: NONE
accessComplexity: NONE
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: UNKNOWN

Trust: 0.2

nvd@nist.gov: CVE-2010-5326
baseSeverity: CRITICAL
baseScore: 10.0
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 6.0
version: 3.1

Trust: 1.0

NVD: CVE-2010-5326
baseSeverity: CRITICAL
baseScore: 10.0
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 39506c1a-1f8e-11e6-abef-000c29c66e3d // VULMON: CVE-2010-5326 // JVNDB: JVNDB-2016-002737 // CNNVD: CNNVD-201605-399 // NVD: CVE-2010-5326

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2010-5326

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201107-453 // CNNVD: CNNVD-201605-399

TYPE

Code injection

Trust: 0.8

sources: IVD: 39506c1a-1f8e-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201107-453

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-002737

PATCH
title:Invoker Servleturl:http://help.sap.com/saphelp_nw70ehp2/helpdata/en/bb/f2b9d88ba4e8459e5a69cb513597ec/frameset.htm
Trust: 0.8
title:US-CERT アラート情報:SAP セキュリティノート 1445998 で解決済みの問題について再度のお知らせurl:https://support.sap.com/ja.html
Trust: 0.8
title:Patch for SAP Netweaver Invoker Servlet Remote Code Execution Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/4568
Trust: 0.6
title:SAP NetWeaver Application Server Invoker Servlet Fixes for arbitrary code execution vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61715
Trust: 0.6
title:The Registerurl:https://www.theregister.co.uk/2021/04/06/sap_patch_attacks/
Trust: 0.2
title:Threatposturl:https://threatpost.com/sap-bugs-cyberattack-compromise/165265/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2011-2905 // 
            
            
            
            VULMON: CVE-2010-5326 // 
            
            
            
            JVNDB: JVNDB-2016-002737 // 
            
            
            
            CNNVD: CNNVD-201605-399

EXTERNAL IDS
db:BIDid:48925
Trust: 3.2
db:NVDid:CVE-2010-5326
Trust: 2.8
db:USCERTid:TA16-132A
Trust: 2.5
db:BIDid:90533
Trust: 2.0
db:CNVDid:CNVD-2011-2905
Trust: 0.8
db:JVNDBid:JVNDB-2016-002737
Trust: 0.8
db:CNNVDid:CNNVD-201107-453
Trust: 0.6
db:CNNVDid:CNNVD-201605-399
Trust: 0.6
db:IVDid:39506C1A-1F8E-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULMONid:CVE-2010-5326
Trust: 0.1
sources:
            
            
            IVD: 39506c1a-1f8e-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2011-2905 // 
            
            
            
            VULMON: CVE-2010-5326 // 
            
            
            
            BID: 90533 // 
            
            
            
            BID: 48925 // 
            
            
            
            JVNDB: JVNDB-2016-002737 // 
            
            
            
            CNNVD: CNNVD-201107-453 // 
            
            
            
            CNNVD: CNNVD-201605-399 // 
            
            
            
            NVD: CVE-2010-5326

REFERENCES
url:https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications
Trust: 2.5
url:http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions
Trust: 2.5
url:http://www.us-cert.gov/ncas/alerts/ta16-132a
Trust: 2.5
url:http://www.securityfocus.com/bid/48925
Trust: 2.3
url:http://www.securityfocus.com/bid/90533
Trust: 1.8
url:http://service.sap.com/sap/support/notes/1445998
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5326
Trust: 0.8
url:http://jvn.jp/ta/jvnta91951276/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-5326
Trust: 0.8
url:http://www.securityfocus.com/bid/48925/info
Trust: 0.6
url:http://www.onapsis.com/resources/download.php?id=7wkeuqheij%2bqq3jv4qpdjl1ffrxqqxpj5uloink%2bzeilka6bds1fhqzomd%2bpokyossoouymyxkdykay2dgrh&lang=en .
Trust: 0.6
url:http://www.sap.com/platform/netweaver/index.epx
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.theregister.co.uk/2021/04/06/sap_patch_attacks/
Trust: 0.1
url:https://threatpost.com/sap-bugs-cyberattack-compromise/165265/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2011-2905 // 
            
            
            
            VULMON: CVE-2010-5326 // 
            
            
            
            BID: 90533 // 
            
            
            
            BID: 48925 // 
            
            
            
            JVNDB: JVNDB-2016-002737 // 
            
            
            
            CNNVD: CNNVD-201107-453 // 
            
            
            
            CNNVD: CNNVD-201605-399 // 
            
            
            
            NVD: CVE-2010-5326

CREDITS
Onapsis Security
Trust: 1.2
sources:
            
            
            BID: 90533 // 
            
            
            
            BID: 48925 // 
            
            
            
            CNNVD: CNNVD-201107-453

SOURCES
db:IVDid:39506c1a-1f8e-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-2905
db:VULMONid:CVE-2010-5326
db:BIDid:90533
db:BIDid:48925
db:JVNDBid:JVNDB-2016-002737
db:CNNVDid:CNNVD-201107-453
db:CNNVDid:CNNVD-201605-399
db:NVDid:CVE-2010-5326

LAST UPDATE DATE
2024-08-14T13:47:23.087000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2011-2905date:2011-07-29T00:00:00
db:VULMONid:CVE-2010-5326date:2021-04-20T00:00:00
db:BIDid:90533date:2016-07-05T22:21:00
db:BIDid:48925date:2011-07-28T00:00:00
db:JVNDBid:JVNDB-2016-002737date:2016-05-20T00:00:00
db:CNNVDid:CNNVD-201107-453date:2011-08-01T00:00:00
db:CNNVDid:CNNVD-201605-399date:2021-04-22T00:00:00
db:NVDid:CVE-2010-5326date:2021-04-20T18:41:50.707

SOURCES RELEASE DATE
db:IVDid:39506c1a-1f8e-11e6-abef-000c29c66e3ddate:2011-07-29T00:00:00
db:CNVDid:CNVD-2011-2905date:2011-07-29T00:00:00
db:VULMONid:CVE-2010-5326date:2016-05-13T00:00:00
db:BIDid:90533date:2016-05-11T00:00:00
db:BIDid:48925date:2011-07-28T00:00:00
db:JVNDBid:JVNDB-2016-002737date:2016-05-20T00:00:00
db:CNNVDid:CNNVD-201107-453date:1900-01-01T00:00:00
db:CNNVDid:CNNVD-201605-399date:2016-05-16T00:00:00
db:NVDid:CVE-2010-5326date:2016-05-13T10:59:00.173