ID
VAR-201708-1668
TITLE
SAP NetWeaver K.M. Web Page Composer URI Redirection Vulnerability
Trust: 0.3
sources:
BID: 100177
DESCRIPTION
SAP NetWeaver is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.
Trust: 0.3
sources:
BID: 100177
AFFECTED PRODUCTS
| vendor: | sap | model: | netweaver | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
BID: 100177
THREAT TYPE
network
Trust: 0.3
sources:
BID: 100177
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 100177
EXTERNAL IDS
| db: | BID | id: | 100177 | Trust: 0.3 |
sources:
BID: 100177
REFERENCES
| url: | www.sap.com/platform/netweaver | Trust: 0.3 |
| url: | https://launchpad.support.sap.com/#/notes/2394536 | Trust: 0.3 |
| url: | https://blogs.sap.com/2017/08/08/sap-security-patch-day-august-2017/ | Trust: 0.3 |
sources:
BID: 100177
CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
BID: 100177
SOURCES
| db: | BID | id: | 100177 |
LAST UPDATE DATE
2022-05-17T01:57:41.143000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 100177 | date: | 2017-08-08T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 100177 | date: | 2017-08-08T00:00:00 |