6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
84.5%
Application: SAP NetWeaver Dispatcher **Versions Affected:**SAP KERNEL 7.00 32BIT, disp+work.exe (7000.52.12.34966), SAP KERNEL 7.40 64BIT, disp+work.exe (7400.12.21.30308) Vendor URL:http://www.sap.com **Bugs:**Buffer Overflow **Reported:**17.08.2014 **Vendor response:**18.08.2014 **Date of Public Advisory:**15.02.2015 **Reference:**SAP Security Note 2063369 Authors: George Nosenko (ERPScan)
VULNERABILITY INFORMATION
Class: Buffer overflow [CWE-119], [CWE-20]
Impact: Allows an unauthorized attacker to execute remote code
Remotely Exploitable: Yes
Locally Exploitable: No
CVE Name: CVE-2015-2815
Business Risk
An attacker can use a Buffer Overflow vulnerability for injecting specially crafted code into working memory. The code will be executed by the vulnerable application. Executed commands will run with the same privileges as the service that executed them. This can lead to taking complete control over the application, denial of service, command execution, and other attacks. In case of command execution, the attacker can obtain critical technical and business-related information stored on the vulnerable SAP system, or escalate their privileges. If denial of service happens, the process of the vulnerable component can be terminated. Nobody will be able to use this service, which negatively influences business processes, system downtime, and business reputation.
Description
The vulnerability in SAP NetWeaver Dispatcher can allow an authenticated remote attacker to execute arbitrary code or lead to denial of service conditions.
VULNERABLE PACKAGES
Other versions are probably affected too, but they were not checked.
SOLUTIONS AND WORKAROUNDS
To correct this vulnerability, install SAP Security Note 2063369.
TECHNICAL DESCRIPTION
The vulnerability in SAP NetWeaver Dispatcher can allow an authenticated remote attacker to execute arbitrary code. It can also lead to denial of service.
Defense
To prevent this issue as well as a plethora of other vulnerabilities that may affect your systems, ERPScan provides the following services: