August 14, 2024
Severity
High
Analysis Summary
CVE-2024-28166 CVSS:3.7
SAP BusinessObjects Business Intelligence Platform could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code on the vulnerable system.
CVE-2024-42373 CVSS:4.3
SAP Student Life Cycle Management could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper authorization validation. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-42377 CVSS:4.3
SAP Shared Service Framework could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to insert value entries into a non-sensitive table.
CVE-2024-33005 CVSS:6.3
SAP NetWeaver Application Server, Web Dispatcher and Content Server could allow a local authenticated attacker to bypass security restrictions, caused by missing authorization checks in the local systems. By sending a specially crafted request, an attacker could exploit this vulnerability to impersonate other users and perform unintended actions.
CVE-2024-41735 CVSS:5.4
SAP Commerce Backoffice is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2024-41733 CVSS:5.3
SAP Commerce could allow a remote attacker to obtain sensitive information, caused by a flaw during the customer registration and login processes. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain valid user account information, and use this information to launch further attacks against the affected system.
CVE-2024-39591 CVSS:4.3
SAP Document Builder could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper authorization validation. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-41737 CVSS:5
SAP CRM ABAP is vulnerable to server-side request forgery, caused by improper input validation. By sending specially crafted HTTP requests, an attacker could exploit this vulnerability to conduct an SSRF attack and enumerate HTTP endpoints in the internal network.
CVE-2024-41734 CVSS:4.3
SAP NetWeaver Application Server ABAP and ABAP Platform could allow a remote authenticated attacker to obtain sensitive information, caused by missing authorization check. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain user related information, and use this information to launch further attacks against the affected system.
CVE-2024-41736 CVSS:4.3
SAP Permit to Work could allow a remote authenticated attacker to obtain sensitive information, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Security Bypass
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-28166
- CVE-2024-42373
- CVE-2024-42377
- CVE-2024-33005
- CVE-2024-41735
- CVE-2024-41733
- CVE-2024-39591
- CVE-2024-41737
- CVE-2024-41734
- CVE-2024-41736
Affected Vendors
- SAP
Affected Products
- SAP Commerce HY_COM 2205
- SAP Commerce COM_CLOUD 2211
- SAP NetWeaver Application Server ABAP and ABAP Platform SAP_BASIS 700
- SAP BusinessObjects Business Intelligence Platform ENTERPRISE 420
- SAP BusinessObjects Business Intelligence Platform ENTERPRISE 430
- SAP BusinessObjects Business Intelligence Platform ENTERPRISE 440
- SAP Student Life Cycle Management (SLcM) 617
- SAP Student Life Cycle Management (SLcM) 618
- SAP Student Life Cycle Management (SLcM) 802
- SAP Student Life Cycle Management (SLcM) 803
- SAP Student Life Cycle Management (SLcM) 804
- SAP Student Life Cycle Management (SLcM) 805
- SAP Shared Service Framework SAP_BS_FND 702
- SAP Shared Service Framework SAP_BS_FND 731
- SAP Shared Service Framework SAP_BS_FND 746
- SAP Shared Service Framework SAP_BS_FND 747
- SAP Shared Service Framework SAP_BS_FND 748
- SAP Document Builder S4FND 102
- SAP Document Builder S4FND 103
- SAP Document Builder S4FND 104
- SAP Document Builder S4FND 105
- SAP CRM ABAP BBPCRM 700
- SAP CRM ABAP BBPCRM 701
- SAP CRM ABAP BBPCRM 702
- SAP CRM ABAP BBPCRM 712
- SAP NetWeaver Application Server ABAP and ABAP Platform SAP_BASIS 701
- SAP NetWeaver Application Server ABAP and ABAP Platform SAP_BASIS 702
- SAP NetWeaver Application Server ABAP and ABAP Platform SAP_BASIS 731
- SAP Permit to Work UIS4HOP1 800
- SAP Permit to Work UIS4HOP1 900
Remediation
Current SAP customers should refer to the corresponding SAP Security Notes for patch information, available from the SAP website (login required).