SAP® and Oracle® Security Advisories

Onapsis Research Labs is the world’s leading team of security experts who combine their deep knowledge of critical ERP applications and decades of threat research experience to deliver impactful security insights and threat intelligence focused on the business-critical applications from SAP, Oracle, and SaaS providers. Onapsis Research Labs is, far and away, the most prolific and most celebrated contributor of vulnerability research by the SAP Product Security Response Team. No other research team comes close.
08/18/2025
SAP Netweaver JAVA – Log viewer injection
Impact On Business: An unauthenticated attacker can use the login form to create additional information entries in SAP Log Viewer, which can obscure actions, complicate log analysis and break some automated log analyser tools. Vulnerability Details: It is possible to inject “NewLine” characters in…
08/18/2025
SAP Portal – Authenticated XXE in SystemFromParConverter
Impact On Business: Successful attacks impact the confidentiality of the SAP Portal. Vulnerability Details: The web service com.sap.portal.ivs.systemlandscapeservice.SystemFromParConverter in SAP Portal resolves external entities while parsing the PAR file. Attackers could reference HTTP requests or file access through new entities, making the parser load the result…
07/23/2025
SAPStartSrv – Pre-auth buffer overflow
Impact On Business: If parameter service/localconnection = compat: remotely, an unauthenticated attacker could use it to execute arbitrary commands on the OS side as NT System or root users. If parameter service/localconnection is not set: locally, an authenticated attacker with low privileges could use it to execute arbitrary…
07/23/2025
SAPStartSrv – Pre-auth OS Command injection as root or system
Impact On Business: If parameter service/localconnection = compat: remotely, an unauthenticated attacker could use it to execute arbitrary commands on the OS side as system administrator (root or SYSTEM). If parameter service/localconnection is not set: locally, an authenticated attacker with low privileges could…
07/18/2025
Cross-Site Scripting XSS vulnerability in SAP NetWeaver AS ABAP
Impact On Business: Impact depends on the victim’s privileges. In the worst case, a successful attack allows an attacker to hijack a session or force the victim to perform undesired requests in the SAP system. Affected Components Description: The SAP Host Agent can accomplish several life-cycle tasks…
07/18/2025
SAP Host Agent – SAPOscol Namespace – Missing authentication
Impact On Business: Successful attacks lead to information disclosure and extend the scope available to an attacker. Affected Components Description: The SAP Host Agent can accomplish several life-cycle tasks such as operating system monitoring, database monitoring, system instance control or upgrade preparation. Installed automatically during…
07/18/2025
SAP Netweaver ABAP – EPS_OPEN_INPUT_FILE path traversal
Impact On Business: An attacker with high-level privileges can use a remote-enabled function to read a file which is otherwise restricted. On successful exploitation an attacker can completely compromise the confidentiality of the application. Affected Components Description: SAP NetWeaver Application Server for ABAP provides both the…
07/18/2025
SAP EA-DFPS – Syslog pollution
Impact On Business: By polluting the main SAP system log, an attacker could, among other things: hide malicious activity; force the syslog to reach its limit and overwrite itself, removing recorded activity; add false alerts to create a distraction. Affected Components Description: From the official SAP website. Due to the specific…
07/17/2025
Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP
Impact On Business: Impact depends on the victim’s privileges. In most cases, a successful attack allows an attacker to hijack a session or force the victim to perform an undesired request in SAP Netweaver ABAP. Affected Components Description: SAP NetWeaver Application Server for ABAP provides…
