{"id": "PACKETSTORM:147694", "type": "packetstorm", "bulletinFamily": "exploit", "title": "SAP NetWeaver Web Dynpro Information Disclosure", "description": "", "published": "2018-05-18T00:00:00", "modified": "2018-05-18T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://packetstormsecurity.com/files/147694/SAP-NetWeaver-Web-Dynpro-Information-Disclosure.html", "reporter": "Richard Alviarez", "references": [], "cvelist": [], "lastseen": "2018-05-19T17:55:35", "viewCount": 10, "enchantments": {"score": {"value": -0.4, "vector": "NONE"}, "dependencies": {}, "backreferences": {"references": [{"type": "talos", "idList": ["SAP"]}]}, "exploitation": null, "vulnersScore": -0.4}, "sourceHref": "https://packetstormsecurity.com/files/download/147694/sapnetweaverwebdynpro-disclose.txt", "sourceData": "`# Application: SAP NetWeaver Web Dynpro 6.4 to 7.5 - Information disclosure \n# Versions Affected: SAP NetWeaver 6.4 - 7.5 \n# Vendor URL: http://SAP.com \n# Bugs: Information disclosure (Enumerate users) \n# Sent: 2016-12-15 \n# Reported: 2016-12-15 \n# Date of Public Advisory: 09.02.2016 \n# Reference: SAP Security Note 2344524 \n# Author: Richard Alviarez (SIA Group) \n# CVE: N/A \n \n# 1. ADVISORY INFORMATION \n# Title: SAP NetWeaver Web Dynpro information disclosure (Enumerate users) \n# Advisory ID: 2344524 \n# Risk: Medium \n# Date published: 20.12.2016 \n \n# 2. VULNERABILITY DESCRIPTION \n# An anonymous attacker can use a special HTTP request to get information \n# about SAP NetWeaver users. \n \n# 3. VULNERABLE PACKAGES \n# SAP NetWeaver Web Dynpro 6.4 - 7.5 \n# Other versions are probably affected too, but they were not checked. \n \n# 4. 
TECHNICAL DESCRIPTION \n# A potential attacker can use the vulnerability in order to reveal \n# information about user names, \n# first and last names, and associated emails. This can provide an attacker \n# with enough information \n# to make a more accurate and effective attack. \n \n# Steps to exploit this vulnerability \n \n1. Open \nhttp://SAP/webdynpro/dispatcher/sap.com/caf~eu~gp~example~timeoff~wd/ACreate \nor \nhttp://SAP/webdynpro/dispatcher/sap.com/caf~eu~gp~example~timeoff~wd/com.sap.caf.eu.gp.example.timeoff.wd.create.ACreate \n \npage on SAP server \n \n2. Press \"Change processor\" button \n \n3. In the \"find\" section, enter the initial or name to be searched, \nfollowed by a * \n \nYou will get a list of SAP users and information. \n \n`\n", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645458823, "score": 1659797217}, "_internal": {"score_hash": "eac2a81819e5c39e4b97740fb1ee62fb"}}