Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.SAP_NETWEAVER_AS_ABAP_JAN_2024.NASLHistoryJan 10, 2024 - 12:00 a.m.
SAP NetWeaver AS ABAP XSS (Jan 2024)
2024-01-1000:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
sap netweaver
abap
cross-site scripting
vulnerability
application server
security
2024
patch
confidentiality
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0
Percentile
14.0%
SAP NetWeaver Application Server for ABAP and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(187902);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/15");
script_cve_id("CVE-2024-21738");
script_xref(name:"IAVA", value:"2024-A-0007");
script_name(english:"SAP NetWeaver AS ABAP XSS (Jan 2024)");
script_set_attribute(attribute:"synopsis", value:
"The remote SAP NetWeaver ABAP server may be affected by a cross-site scripting vulnerability.");
script_set_attribute(attribute:"description", value:
"SAP NetWeaver Application Server for ABAP and ABAP Platform do not sufficiently encode user-controlled inputs,
resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact
to confidentiality of the application data after successful exploitation.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?18f404d5");
script_set_attribute(attribute:"see_also", value:"https://me.sap.com/notes/3387737");
script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-21738");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/01/09");
script_set_attribute(attribute:"patch_publication_date", value:"2024/01/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/01/10");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:sap:netweaver_application_server");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Web Servers");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("sap_netweaver_as_web_detect.nbin");
script_require_keys("installed_sw/SAP Netweaver Application Server (AS)", "Settings/ParanoidReport");
script_require_ports("Services/www", 80, 443, 8000, 50000);
exit(0);
}
include('vcf_extras_sap.inc');
var app_info = vcf::sap_netweaver_as::get_app_info();
if (report_paranoia < 2)
audit(AUDIT_PARANOID);
var fix = 'See vendor advisory';
var constraints = [
{'equal' : '700', 'fixed_display' : fix },
{'equal' : '701', 'fixed_display' : fix },
{'equal' : '702', 'fixed_display' : fix },
{'equal' : '731', 'fixed_display' : fix },
{'equal' : '740', 'fixed_display' : fix },
{'equal' : '750', 'fixed_display' : fix },
{'equal' : '751', 'fixed_display' : fix },
{'equal' : '752', 'fixed_display' : fix },
{'equal' : '753', 'fixed_display' : fix },
{'equal' : '754', 'fixed_display' : fix },
{'equal' : '755', 'fixed_display' : fix },
{'equal' : '756', 'fixed_display' : fix },
{'equal' : '757', 'fixed_display' : fix },
{'equal' : '758', 'fixed_display' : fix },
{'equal' : '793', 'fixed_display' : fix },
{'equal' : '794', 'fixed_display' : fix }
];
vcf::sap_netweaver_as::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING,
abap:TRUE,
flags:{'xss':TRUE}
);Related
cvelist
cvelist
nessus
nessus
SAP NetWeaver AS ABAP HTTP Rapid Reset (Jan 2024)
2024-01-10 00:00:00
prion
prion
Cross site scripting
2024-01-09 02:15:00
nvd
nvd
CVE-2024-21738
2024-01-09 02:15:46
cve
cve
CVE-2024-21738
2024-01-09 02:15:46
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0
Percentile
14.0%
Related for SAP_NETWEAVER_AS_ABAP_JAN_2024.NASL