Rewterz Threat Advisory – Multiple SAP Products Vulnerabilities

February 15, 2024

Severity

Medium

Analysis Summary

CVE-2024-24739 CVSS: 6.3

SAP Bank Account Management could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper authorization validation. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.

CVE-2024-22130 CVSS: 7.6

SAP CRM is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2024-24740 CVSS: 5.3

SAP NetWeaver AS ABAP could allow a remote attacker to obtain sensitive information, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2024-24741 CVSS: 4.3

SAP could allow a remote authenticated attacker to obtain sensitive information, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2024-24742 CVSS: 4.1

CVE-2024-22126 CVSS: 8.8

SAP NetWeaver AS Java is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2024-25643 CVSS: 4.3

SAP Fiori app could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper authorization validation. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.

CVE-2024-24743 CVSS: 8.6

SAP NetWeaver AS Java could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity (XXE) declarations. By sending a specially crafted XML content, a remote attacker could exploit this vulnerability to read arbitrary files on the server.

CVE-2024-22128 CVSS: 4.7

SAP NetWeaver Business Client for HTML is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2024-22131 CVSS: 9.1

SAP ABA could allow a remote authenticated attacker to bypass security restrictions, caused by a code injection vulnerability in an exposed vulnerable interface. By leveraging the vulnerable interface to invoke an application function, an attacker could exploit this vulnerability to perform actions which they would not normally be permitted to perform, including reading or modifying any user or business data or make the entire system unavailable.