May 3, 2024
Severity
Medium
Analysis Summary
CVE-2024-27898 CVSS:5.3
SAP NetWeaver is vulnerable to server-side request forgery, caused by insufficient input validation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to conduct an SSRF attack, allowing the attacker to access or manipulate resources from the perspective of the affected server.
CVE-2024-28167 CVSS:6.5
SAP Group Reporting Data Collection could allow a remote authenticated attacker to gain elevated privileges on the system caused by not performing necessary authorization checks for an authenticated user. By using the Enter Package Data app, an authenticated attacker could exploit this vulnerability to change specific data.
CVE-2024-27901 CVSS:7.2
SAP Asset Accounting could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences to access arbitrary files on the system, which impacts the confidentiality, integrity, and availability of the application.
CVE-2024-30216 CVSS:4.3
SAP S/4 HANA could allow a remote authenticated attacker to gain elevated privileges on the system caused by missing authorization in Cash Management. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to add notes in the review request with 'completed' status.
CVE-2024-25646 CVSS:7.7
SAP BusinessObjects Business Intelligence Launch Pad could allow a remote attacker to obtain sensitive information, caused by improper access control. By using a specially crafted document, an attacker could exploit this vulnerability to obtain operating system information, and use this information to launch further attacks against the affected system.
CVE-2024-30218 CVSS:6.5
SAP NetWeaver is vulnerable to a denial of service, caused by an error in AS ABAP and ABAP. By sending specially crafted requests, a remote attacker could exploit this vulnerability to crash or flood the service.
CVE-2024-30217 CVSS:4.3
SAP S/4 HANA could allow a remote authenticated attacker to gain elevated privileges on the system caused by missing authorization in Cash Management. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to approve or reject a bank account application.
CVE-2024-27899 CVSS:8.8
SAP NetWeaver AS Java User Management Engine could allow a remote attacker to obtain sensitive information, caused by a failure to enforce proper security requirements for the content of a newly defined security answer. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2024-30214 CVSS:4.8
SAP Business Connector is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2024-30215 CVSS:4.8
SAP Business Connector is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker
CVE-2024-22133 CVSS:4.6
SAP Fiori Front End Server could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to change the approver details in a read-only field.
CVE-2024-25645 CVSS:5.3
SAP NetWeaver could allow a remote attacker to obtain sensitive information, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2024-27902 CVSS:5.4
SAP NetWeaver AS ABAP is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2024-27900 CVSS:4.3
SAP ABAP Platform could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to change the privacy setting of job templates from shared to private.
CVE-2024-22127 CVSS:9.1
SAP NetWeaver AS Java could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary commands on the vulnerable system.
CVE-2024-25644 CVSS:5.3
SAP NetWeaver could allow a remote attacker to obtain sensitive information, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2024-28163 CVSS:5.3
SAP NetWeaver Process Integration could allow a remote attacker to obtain sensitive information, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
- Privilege Escalation
- Denial of Service
- Cross-Site Scripting
- Security Bypass
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-27898
- CVE-2024-28167
- CVE-2024-27901
- CVE-2024-30216
- CVE-2024-25646
- CVE-2024-30218
- CVE-2024-30217
- CVE-2024-27899
- CVE-2024-30214
- CVE-2024-30215
- CVE-2024-22133
- CVE-2024-25645
- CVE-2024-27902
- CVE-2024-27900
- CVE-2024-22127
- CVE-2024-25644
- CVE-2024-28163
Affected Vendors
- SAP
Affected Products
- SAP NetWeaver AS Java 7.50
- SAP NetWeaver Process Integration 7.50
- SAP NetWeaver 7.50
- SAP NetWeaver AS ABAP KERNEL 7.22
- SAP NetWeaver AS ABAP KERNEL 7.53
- SAP NetWeaver AS ABAP KERNEL 7.77
- SAP NetWeaver AS ABAP KERNEL 7.85
- SAP NetWeaver AS ABAP KERNEL 7.89
- SAP NetWeaver AS ABAP KERNEL 7.54
- SAP NetWeaver AS ABAP KERNEL 7.93
- SAP NetWeaver AS ABAP KRNL64UC 7.53
- SAP Group Reporting Data Collection S4CORE 104
- SAP Group Reporting Data Collection S4CORE 105
- SAP Group Reporting Data Collection S4CORE 106
- SAP Group Reporting Data Collection S4CORE 107
- SAP Group Reporting Data Collection S4CORE 108
- SAP Group Reporting Data Collection SAP_GRDC_CLOUD 1.0.0
- SAP Asset Accounting SAP_APPL 600
- SAP Asset Accounting SAP_FIN 617
- SAP Asset Accounting SAP_FIN 618
- SAP Asset Accounting SAP_FIN 700
- SAP S/4 HANA S4CORE 103
- SAP S/4 HANA S4CORE 104
- SAP S/4 HANA S4CORE 105
- SAP S/4 HANA S4CORE 106
- SAP S/4 HANA S4CORE 107
- SAP S/4 HANA S4CORE 108
- SAP BusinessObjects Web Intelligence 4.2
- SAP BusinessObjects Web Intelligence 4.3
- SAP NetWeaver AS ABAP KRNL64NUC 7.22
- SAP NetWeaver AS ABAP KRNL64NUC 7.22EXT
- SAP NetWeaver AS Java User Management Engine SERVERCORE 7.50
- SAP NetWeaver AS Java User Management Engine J2EE-APPS 7.50
- SAP NetWeaver AS Java User Management Engine UMEADMIN 7.50
- SAP Business Connector 4.8
- SAP Fiori Front End Server 605
- SAP ABAP Platform 758
- SAP ABAP Platform 795
- SAP NetWeaver 7.50 ServerCore
Remediation
Current SAP customers should refer to the SAP Security Advisory for patch information, available from the SAP website (user login required).