Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SAP_NETWEAVER_AS_2234971.NASL
HistoryApr 09, 2021 - 12:00 a.m.

SAP NetWeaver AS Java Monitoring Directory Traversal (2234971)

2021-04-0900:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
97
JSON

SAP Netweaver Application Server Java versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 are affected by a directory traversal vulnerability in the AS Java Monitoring component.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable Network Security, Inc.
##

include('compat.inc');

if (description)
{
  script_id(148400);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/25");

  script_cve_id("CVE-2016-3976");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/05/03");

  script_name(english:"SAP NetWeaver AS Java Monitoring Directory Traversal (2234971)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SAP NetWeaver AS Java server may be affected by directory traversal vulnerability");
  script_set_attribute(attribute:"description", value:
"SAP Netweaver Application Server Java versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 are affected by a
directory traversal vulnerability in the AS Java Monitoring component.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://erpscan.io/advisories/erpscan-16-012/");
  script_set_attribute(attribute:"see_also", value:"https://launchpad.support.sap.com/#/notes/2234971");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-3976");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/03/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/03/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/04/09");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:sap:netweaver_application_server");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("sap_netweaver_as_web_detect.nbin");
  script_require_keys("installed_sw/SAP Netweaver Application Server (AS)", "Settings/ParanoidReport");
  script_require_ports("Services/www", 80, 443, 8000, 50000);

  exit(0);
}

include('http.inc');
include('vcf.inc');

if (report_paranoia < 2) audit(AUDIT_PARANOID);

app = 'SAP Netweaver Application Server (AS)';

get_install_count(app_name:app, exit_if_zero:TRUE);

port = get_http_port(default:443);

app_info = vcf::get_app_info(app:app, port:port, webapp:TRUE);

constraints = [
  {'min_version' : '7.10', 'max_version' : '7.11', 'fixed_display' : 'See vendor advisory' },
  {'equal' : '7.20', 'fixed_display' : 'See vendor advisory' },
  {'equal' : '7.30', 'fixed_display' : 'See vendor advisory' },
  {'equal' : '7.31', 'fixed_display' : 'See vendor advisory' },
  {'equal' : '7.40', 'fixed_display' : 'See vendor advisory' },
  {'equal' : '7.50', 'fixed_display' : 'See vendor advisory' }
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
VendorProductVersionCPE
sapnetweaver_application_servercpe:/a:sap:netweaver_application_server

Related

checkpoint_advisories 1
attackerkb 1
zdt 1
cve 1
exploitpack 1
prion 1
cisa_kev 1
packetstorm 1
exploitdb 1
openvas 1
threatpost 1
thn 1
rapid7blog 1
qualysblog 1
checkpoint_advisories
checkpoint_advisories
SAP NetWeaver Directory Traversal (CVE-2016-3976)
2021-12-12 00:00:00
attackerkb
attackerkb
CVE-2016-3976
2016-04-07 00:00:00
zdt
zdt
SAP NetWeaver AS JAVA 7.1 < 7.5 - Directory Traversal
2016-06-21 00:00:00
cve
cve
CVE-2016-3976
2016-04-07 23:59:00
exploitpack
exploitpack
SAP NetWeaver AS JAVA 7.1 7.5 - Directory Traversal
2016-06-21 00:00:00
prion
prion
Directory traversal
2016-04-07 23:59:00
cisa_kev
cisa_kev
SAP NetWeaver Directory Traversal Vulnerability
2021-11-03 00:00:00
packetstorm
packetstorm
SAP NetWeaver AS JAVA 7.5 Directory Traversal
2016-06-17 00:00:00
exploitdb
exploitdb
SAP NetWeaver AS JAVA 7.1 &lt; 7.5 - Directory Traversal
2016-06-21 00:00:00
openvas
openvas
SAP NetWeaver Multiple Vulnerabilities
2016-06-21 00:00:00
threatpost
threatpost
SAP Bugs Under Active Cyberattack
2021-04-06 18:47:57
thn
thn
Watch Out! Mission Critical SAP Applications Are Under Active Attack
2021-04-06 13:43:00
rapid7blog
rapid7blog
Attackers Targeting Fortinet Devices and SAP Applications
2021-04-08 17:18:07
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
JSON
Related for SAP_NETWEAVER_AS_2234971.NASL
checkpoint_advisories1attackerkb1zdt1cve1exploitpack1prion1cisa_kev1packetstorm1exploitdb1openvas1threatpost1thn1rapid7blog1qualysblog1