| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
| CVE-2026-44748 | 9 Jun 2026 00:20 | – | attackerkb | |
| CVE-2026-44748 | 9 Jun 2026 01:20 | – | circl | |
| CVE-2026-44748 | 9 Jun 2026 00:20 | – | cve | |
| CVE-2026-44748 XML Signature Wrapping in SAML Authentication in SAP NetWeaver AS ABAP and ABAP Platform | 9 Jun 2026 00:20 | – | cvelist | |
| EUVD-2026-35283 | 9 Jun 2026 00:20 | – | euvd | |
| CVE-2026-44748 | 9 Jun 2026 01:16 | – | nvd | |
| PT-2026-47534 | 9 Jun 2026 00:00 | – | ptsecurity | |
| CVE-2026-44748 | 10 Jun 2026 02:59 | – | redhatcve | |
| CVE-2026-44748 XML Signature Wrapping in SAML Authentication in SAP NetWeaver AS ABAP and ABAP Platform | 9 Jun 2026 00:20 | – | vulnrichment |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
# Registration phase: when 'description' is set, only the plugin metadata below
# is recorded and the script exits (exit(0)) before the version check runs.
if (description)
{
  # --- Identity and cross-references ---
  script_id(320858);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/06/12");

  script_cve_id("CVE-2026-44748");
  script_xref(name:"IAVA", value:"2026-A-0556");

  script_name(english:"SAP NetWeaver AS ABAP XML Signature Wrapping in SAML Authentication (3746332)");

  # --- Text shown in the scan report ---
  script_set_attribute(attribute:"synopsis", value:
"The remote SAP NetWeaver ABAP server is affected by an XML signature wrapping vulnerability.");

  # The closing sentence of the description is the key caveat for triage: the
  # finding is derived from the self-reported version, not from probing SAML.
  script_set_attribute(attribute:"description", value:
"The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by an XML signature
wrapping vulnerability in SAML authentication as referenced in SAP Security Note 3746332:
- SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal
privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This
may result in acceptance of tampered identity information leading to unauthorized access to sensitive
user data and potential disruption of normal system usage. This causes a high impact on confidentiality,
integrity and availability of the application. (CVE-2026-44748)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");

  script_set_attribute(attribute:"see_also", value:"https://me.sap.com/notes/3746332");

  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the vendor advisory.");

  # --- Risk scoring ---
  # Both vectors describe a network-reachable, low-complexity issue that needs
  # an authenticated account (Au:S in v2, PR:L in v3) and no user interaction;
  # the v3 vector also marks scope as changed (S:C). Impact is complete/high on
  # C, I and A. The score source is the CVE record, per cvss_score_source.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-44748");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  # --- Timeline ---
  script_set_attribute(attribute:"vuln_publication_date", value:"2026/06/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/06/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/06/12");

  # --- Classification ---
  # Flagged as a potential vulnerability: the check that follows this block
  # matches release numbers only and requires paranoid reporting to run.
  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:sap:netweaver_application_server");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  # Information gathering only (ACT_GATHER_INFO).
  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # --- Scheduling prerequisites ---
  # Depends on the SAP NetWeaver AS web detection plugin and on the two KB keys
  # below: the detected install, and the paranoid-report setting.
  script_dependencies("sap_netweaver_as_web_detect.nbin");
  script_require_keys("installed_sw/SAP Netweaver Application Server (AS)", "Settings/ParanoidReport");
  script_require_ports("Services/www", 80, 443, 8000, 50000);

  exit(0);
}
include('vcf_extras_sap.inc');
# Version-only check: bail out unless the scan runs with paranoid reporting
# (report_paranoia of 2 or higher), since the result cannot be confirmed remotely.
if (report_paranoia < 2)
  audit(AUDIT_PARANOID);

# No fixed build is encoded in this plugin; the report points at the advisory.
var advisory_hint = 'See vendor advisory';

# Affected releases, each matched by exact equality.
# NOTE(review): no support-package or note level is compared here, so a hit
# means "release is on the affected list", not "SAP Security Note 3746332 is
# missing". Confirm the note's implementation status on the host before
# treating a finding as confirmed, and before closing one as remediated.
var affected_releases = [
  {'equal' : '702', 'fixed_display' : advisory_hint},
  {'equal' : '731', 'fixed_display' : advisory_hint},
  {'equal' : '740', 'fixed_display' : advisory_hint},
  {'equal' : '750', 'fixed_display' : advisory_hint},
  {'equal' : '751', 'fixed_display' : advisory_hint},
  {'equal' : '752', 'fixed_display' : advisory_hint},
  {'equal' : '753', 'fixed_display' : advisory_hint},
  {'equal' : '754', 'fixed_display' : advisory_hint},
  {'equal' : '755', 'fixed_display' : advisory_hint},
  {'equal' : '756', 'fixed_display' : advisory_hint},
  {'equal' : '757', 'fixed_display' : advisory_hint},
  {'equal' : '758', 'fixed_display' : advisory_hint},
  {'equal' : '816', 'fixed_display' : advisory_hint},
  {'equal' : '918', 'fixed_display' : advisory_hint},
  {'equal' : '919', 'fixed_display' : advisory_hint}
];

# Install data recorded by the detection plugin.
var install = vcf::sap_netweaver_as::get_app_info();

# abap:TRUE presumably selects the ABAP release for the comparison;
# confirm against vcf_extras_sap.inc.
vcf::sap_netweaver_as::check_version_and_report(
  app_info:install,
  constraints:affected_releases,
  severity:SECURITY_HOLE,
  abap:TRUE
);