SAP Redwood BPA Message Service crypto secret information disclosure
Application: SAP Redwood BPA Vendor URL: SAP Bugs: Information Disclosure Reported: 09.11.2017 Vendor response: 10.11.2017 Date of Public Advisory: 13.03.2018 Reference: SAP Security Note 2596535 Author: Mathieu Geli ERPScan DESCRIPTION An anonymous network attacker can forge valid packets that a...
Oracle MICROS POS missing authorisation check
Application: Oracle MICROS POS Versions Affected: Oracle Hospitality Simphony 2.7-2.9 Vendor URL: Oracle Bug: Missing Authentication for Critical Function Reported: 21.07.2017 Vendor response: 22.07.2017 Date of Public Advisory: 17.01.2018 Reference: Oracle CPU January 2018 Author: Dmitry Chastuh...
XSS in CRM (Administration Console, Java)
Application: SAP Java CRM Versions Affected: SAP Java CRM 700-754 Vendor URL: SAP Bug: XSS Reported: 20.06.2017 Vendor response: 21.06.2017 Date of Public Advisory: 11.07.2017 Reference: SAP Security Note 2478964 Author: Vladimir Egorov ERPScan VULNERABILITY INFORMATION Class: XSS Risk: Medium...
CSRF in SAP Java CRM
Application: SAP CRM Versions Affected: SAP Java CRM 700-754 Vendor URL: SAP Bug: CSRF Reported: 20.06.2017 Vendor response: 21.06.2017 Date of Public Advisory: 11.07.2017 Reference: SAP Security Note 2478964 Author: Vladimir Egorov ERPScan VULNERABILITY INFORMATION Class: CSRF Risk: Medium Impac...
HANA DB credentials exposed to XSA applications
Application: SAP HANA Versions Affected: 1.0 SPS11, SPS12 and 2.0 with XS Advanced Vendor URL: SAP Bug: Information Disclosure Reported: 20.06.2017 Vendor response: 21.06.2017 Date of Public Advisory: 14.11.2017 Reference: SAP Security Note 2508673 Author: Mathieu Geli ERPScan VULNERABILITY...
Information disclosure in SAP HANA XS classic user self-service
Application: SAP HANA Versions Affected: SAP HANA SPS12, SPS10, SAP HANA 2.0 Vendor URL: SAP Bug: Information Disclosure Reported: 20.06.2017 Vendor response: 21.06.2017 Date of Public Advisory: 12.12.2017 Reference: SAP Security Note 2549983 Author: Mikhail Medvedev ERPScan VULNERABILITY...
Information Disclosure in PeopleSoft Listening Connector
Application: Oracle PeopleSoft Versions Affected: Oracle PeopleTools 8.54 – 8.56 Vendor: Oracle Bugs: Information Disclosure Reported: 15.06.2017 Vendor response: 16.06.2017 Date of Public Advisory: 17.01.2018 Reference: Oracle CPU January 2018 Authors: Dmitri Iudin aka @ret5et ERPScan...
Log injection in SAP NetWeaver AS Java using basic auth
Application: SAP NetWeaver AS Java Versions Affected: ENGINEAPI 7.10-7.50 Vendor URL: SAP Bug: Log Injection Reported: 17.05.2017 Vendor response: 18.05.2017 Date of Public Advisory: 14.11.2017 Reference: SAP Security Note 2485208 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class:...
XSS in SAP NetWeaver AS Java SRM
Application: SAP SRM Versions Affected: SAP SRM 701 – 714 Vendor URL: SAP Bug: XSS Reported: 17.05.2017 Vendor response: 18.05.2017 Date of Public Advisory: 08.08.2017 Reference: SAP Security Note 2493099 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XSS Risk: Medium Impact:...
Information disclosure in SAP NW AS Java SRM package
Application: SAP SRM Versions Affected: SAP SRM 701 – 714 Vendor URL: SAP Bug: Information Disclosure Reported: 17.05.2017 Vendor response: 18.05.2017 Date of Public Advisory: 08.08.2017 Reference: SAP Security Note 2493099 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class:...
Denial of Service in Enqueue server
Application: SAP Enqueue Versions Affected: 7490.17.26.5735 Vendor URL: SAP Bug: DoS Reported: 16.05.2017 Vendor response: 17.05.2017 Date of Public Advisory: 10.10.2017 Reference: SAP Security Note 2476937 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: Denial of Service Risk:...
Insecure log configuration in TREX
Application: SAP TREX Versions Affected: SAP TREX 7.1-7.25 Vendor URL: SAP Bug: Information disclosure Reported: 16.05.2017 Vendor response: 17.05.2017 Date of Public Advisory: 12.09.2017 Reference: SAP Security Note 2489196 Author: Nursultan Abubakirov ERPScan VULNERABILITY INFORMATION Class:...
XSS in CRM (Java)
Application: SAP CRM Versions Affected: SAP CRM 700-732 Vendor URL: SAP Bug: XSS Reported: 16.05.2017 Vendor response: 17.05.2017 Date of Public Advisory: 08.08.2017 Reference: SAP Security Note 2481262 Author: Vladimir Egorov ERPScan VULNERABILITY INFORMATION Class: XSS Risk: Medium Impact:...
SAP POS Missing Authentication in XpressServer
Application: SAP POS Xpress Server Vendor URL: SAP Bug: Missing Authentication Check Reported: 15.05.2017 Vendor response: 16.05.2017 Date of Public Advisory: 11.07.2017 Reference: SAP Security Note 2520064 Author: Vladimir Egorov ERPScan VULNERABILITY INFORMATION Class: Missing Authentication...
RCE via Path Traversal using CSRF in SAP CRM
Application: SAP NetWeaver Versions Affected: SAP CRM 13676083 Vendor URL: SAP Bugs: CSRF, Path Traversal Reported: 05.10.2017 Vendor response: 06.10.2017 Date of Public Advisory: 13.02.2018 Reference: SAP Security Note 2547431 Author: Vahagn Vardanyan ERPScan, Vladimir Egorov ERPScan VULNERABILI...
SAP Java P4 SLD SSRF
Application: SAP NetWeaver Versions Affected: SAP Netweaver 7.4, 7.5 Vendor URL: SAP Bug: SSRF Reported: 05.10.2017 Vendor response: 06.10.2017 Date of Public Advisory: 13.02.2018 Reference: SAP Security Note 2565622 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: Missing...
HANA server memory disclosure
Application: SAP NetWeaver Versions Affected: SAP HANA 1.0, 2.0 all versions Vendor URL: SAP Bugs: Information Disclosure Reported: 05.10.2017 Vendor response: 06.10.2017 Date of Public Advisory: 13.02.2018 Reference: SAP Security Note 2572940 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATIO...
File Upload in Integration Gateway (PSIGW) - PeopleSoft
Application: Oracle PeopleSoft Versions Affected: PeopleTools 8.54, 8.55 Vendor: Oracle Bugs: File Upload Reported: 27.03.2017 Vendor response: 28.03.2017 Date of Public Advisory: 18.07.2017 Reference: Oracle CPU July 2017 Authors: Roman Shalymov ERPScan VULNERABILITY INFORMATION Class: File Uplo...
Directory Traversal Vulnerability in Integration Gateway (PSIGW)
Application: Oracle PeopleSoft Versions Affected: PeopleTools 8.54, 8.55 Vendor: Oracle Bugs: Directory Traversal Reported: 27.03.2017 Vendor response: 28.03.2017 Date of Public Advisory: 18.07.2017 Reference: Oracle CPU July 2017 Authors: Roman Shalymov ERPScan VULNERABILITY INFORMATION Class:...
Anonymous Directory Traversal Vulnerability (Double Encode) - PeopleSoft
Application: Oracle PeopleSoft Versions Affected: PeopleTools 8.54, 8.55 Vendor: Oracle Bugs: Directory Traversal and Authentication Bypass Reported: 16.03.2017 Vendor response: 17.03.2017 Date of Public Advisory: 18.07.2017 Reference: Oracle CPU July 2017 Authors: Dmitrii Iudin aka @ret5et ERPSc...
Unauthorized Container Shutdown In ServerMigrationCoordinator
Application: Oracle PeopleSoft Versions Affected: PeopleSoft FSCM 9.2 Vendor: Oracle Bug: Missing Authentication for Critical Function Reported: 16.03.2017 Vendor response: 17.03.2017 Date of Public Advisory: 18.07.2017 Reference: Oracle CPU July 2017 Authors: Vahagn Vardanyan ERPScan VULNERABILI...
Anonymous log injection in FSCM
Application: Oracle PeopleSoft Versions Affected: PeopleSoft FSCM 9.2 Vendor: Oracle Bug: Anonymous log injection Reported: 16.03.2017 Vendor response: 17.03.2017 Date of Public Advisory: 18.07.2017 Reference: Oracle CPU July 2017 Authors: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class:...
SAP POS Missing Authentication in XpressServer
Application: SAP POS Xpress Server Vendor URL: SAP Bugs: Missing Authentication Reported: 03.04.2017 Vendor response: 04.04.2017 Date of Public Advisory: 11.07.2017 Reference: SAP Security Note 2520064 Author: Dmitry Chastuhin ERPScan VULNERABILITY INFORMATION Class: Missing Authentication Check...
SAP NetWeaver AS ABAP SQL Injection
Application: SAP CRM Versions Affected: SAP CRM 700 – 801 Vendor URL: SAP Bug: SQL Injection Reported: 27.02.2017 Vendor response: 28.02.2017 Date of Public Advisory: 08.08.2017 Reference: SAP Security Note 2450979 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: SQL Injection...
SAP Hostcontrol unprotected web method / DOS
Application: SAP Host Agent Versions Affected: SAP Host Agent 7.21 Vendor URL: SAP Bugs: Missing Authentication Reported: 27.02.2017 Vendor response: 28.02.2017 Date of Public Advisory: 11.07.2017 Reference: SAP Security Note 2442993 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class:...
Multiple XSS Vulnerabilities in TestServlet (PeopleSoft)
Application: Oracle PeopleSoft Versions Affected: PeopleTools 8.54, 8.55 Vendor: Oracle Bugs: XSS Reported: 26.01.2017 Vendor response: 27.01.2017 Date of Public Advisory: 18.07.2017 Reference: Oracle CPU July 2017 Authors: Dmitri Iudin aka @ret5et ERPScan VULNERABILITY INFORMATION Class: XSS...
SAP TREX RCE
Application: SAP TREX Versions Affected: SAP TREX 7.10 Vendor URL: SAP Bugs: RCE Reported: 23.01.2017 Vendor response: 24.01.2017 Date of Public Advisory: 11.04.2017 Reference: SAP Security Note 2419592 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: Missing Authentication for...
SAP NetWeaver AS Java logon_app OpenRedirect
Application: SAP NetWeaver AS Java Versions Affected: SAP NetWeaver AS Java 7.11-7.50 Vendor URL: SAP Bug: Open redirect Reported: 18.01.2017 Vendor response: 19.01.2017 Date of Public Advisory: 08.08.2017 Reference: SAP Security Note 2423540 Author: Vahagn Vardanyan ERPScan VULNERABILITY...
CRLF Injection - PeopleSoft IMServlet
Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor: Oracle Bugs: SSRF Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Authors: Dmitry Yudin ERPScan aka...
XXE VIA DOCTYPE in PeopleSoft
Application: Oracle PeopleSoft Versions Affected: PeopleSoft HCM 9.2 on PeopleTools 8.55 Vendor: Oracle Bugs: XXE Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Authors: Nadya Krivdyuk ERPScan VULNERABILITY INFORMATION Class:...
AUTH BYPASS For File Downloading - Oracle E-Business Suite
Application: Oracle E-Business Suite Versions Affected: Oracle E-Business Suite 12.2.3 Vendor: Oracle Bugs: AUTH BYPASS Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Authors: Alexey Tyurin ERPScan, Ivan Chalykin ERPScan...
SQL Injection in E-Business Suite IESFOOTPRINT
Application: Oracle E-Business Suite Versions Affected: Oracle EBS 12.2.3 Vendor: Oracle Bugs: SQL injection Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Authors: Dmitry Chastuhin ERPScan VULNERABILITY INFORMATION Class: SQL...
DoS in Oracle E-Business Suite ANONYMOUSLOGIN
Application: Oracle E-Business Suite Versions Affected: Oracle E-Business Suite 12.2.3 Vendor: Oracle Bugs: DoS Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Authors: Alexey Tyurin ERPScan, Ivan Chalykin ERPScan VULNERABILITY...
XSS - Oracle E-Business Suite JTFFMPRINTSERVER
Application: Oracle E-Business Suite Versions Affected: Oracle E-Business Suite 12.2.3 Vendor: Oracle Bugs: XSS Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Authors: Ivan Chalykin ERPScan VULNERABILITY INFORMATION Class: XSS...
Oracle OpenJDK - Java Serialization DoS vulnerability
Application: Oracle OpenJDK Vendor: Oracle Bug: DoS Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 17.01.2017 Reference: Oracle CPU Jan 2017 Authors: Roman Shalymov VULNERABILITY INFORMATION Class: Denial of Service Remotely Exploitable: Yes Locally Exploitable: Yes CVS...
SSRF in PeopleSoft IMServlet
Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor: Oracle Bugs: SSRF Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Authors: Roman Shalymov ERPScan...
SAP GUI for Windows - Remote Code Execution + bypass security policy
Application: SAP GUI Versions Affected: SAP GUI 7.2-7.5 Vendor URL: SAP Bugs: Remote Code Execution Reported: 15.12.2016 Vendor response: 16.12.2016 Date of Public Advisory: 14.03.2017 Reference: SAP Security Note 2407616 Authors: Dmitry Yudin ERPScan aka @ret5et, Vahagn Vardanyan ERPScan, Dmitry...
SAP NetWeaver AS ABAP disp+work crash
Application: SAP NetWeaver ABAP Versions Affected: SAP KERNEL 7.40 64BIT, disp+work.exe 7400.12.21.30308 Vendor URL: SAP Bugs: DoS Reported: 15.12.2016 Vendor response: 16.12.2016 Date of Public Advisory: 14.03.2017 Reference: SAP Security Note 2406841 Author: Vahagn Vardanyan ERPScan VULNERABILI...
SAP GUI for Java - insecure default settings
Application: SAP GUI for Java Versions Affected: SAP GUI for Java 7.40 Vendor URL: SAP Bug: Insecure default settings Reported: 15.12.2016 Vendor response: 16.12.2016 Date of Public Advisory: 09.05.2017 Reference: SAP Security Note 2448972 Authors: Dmitry Yudin ERPScan, Vahagn Vardanyan ERPScan,...
SAP NetWeaver disp+work anonymous denial of service with crafted DIAG request
Application: SAP NetWeaver Versions Affected: SAP NetWeaver disp+work 7.4 Vendor URL: SAP Bugs: DoS Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 14.03.2017 Reference: SAP Security Note 2405918 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: DoS Impac...
SAP NetWeaver 7.3 AS Java XSS in CAFAdapterTest servlet
Application: SAP NetWeaver AS Java Versions Affected: SAP NetWeaver AS Java 7.3 Vendor URL: SAP Bug: XSS Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 13.06.2017 Reference: SAP Security Note 2405943 Authors: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class:...
SAP Business Objects DS Open redirect
Application: SAP BO DS Versions Affected: SAP BO DS 4.2 Vendor URL: SAP Bug: Open Redirect Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 13.06.2017 Reference: SAP Security Note 2472026 Authors: Nursultan Abubakirov ERPScan VULNERABILITY INFORMATION Class: CWE-601 Impac...
SAP NetWeaver AS JAVA 7.3 AS JAVA XSS in ctcprotocol/Protocol servlet
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.3 Vendor URL: SAP Bugs: XSS Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 11.04.2017 Reference: SAP Security Note 2406783 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XSS...
SAP HANA Sinopia - default user creation policy insecure
Application: SAP HANA Versions Affected: SAP HANA SPS12 Vendor URL: SAP Bug: Insecure default configuration Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 14.02.2017 Reference: SAP Security Note 2407694 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class:...
SAP NetWeaver AS Java XSS in GenericSemanticTest component
Application: SAP NetWeaver AS Java Versions Affected: SAP NetWeaver AS Java 7.4 Vendor URL: SAP Bugs: XSS Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 14.03.2017 Reference: SAP Security Note 2408100 Author: Boris Sanin ERPScan VULNERABILITY INFORMATION Class: XSS...
SAP NetWeaver disp+work anonymous denial of service
Application: SAP NetWeaver Versions Affected: SAP KERNEL 7.40 64BIT, disp+work.exe 7400.12.21.30308 Vendor URL: SAP Bugs: DoS Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 14.03.2017 Reference: SAP Security Note 2405918 Author: Vahagn Vardanyan ERPScan VULNERABILITY...
SAP HANA XS Sinopia - DoS vulnerability
Application: SAP HANA Versions Affected: SAP HANA 1 and SAP HANA 2 Vendor URL: SAP Bug: DoS Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 14.02.2017 Reference: SAP Security Note 2407694 Authors: Mikhail Medvedev ERPScan, Mathieu Geli ERPScan VULNERABILITY INFORMATION...
SAP Solman - user accounts disclosure CVE-2016-10005
Application: SAP Solman Versions Affected: SAP Solman 7.1-7.31 Vendor URL: SAP Bugs: Information Disclosure Reported: 12.07.2016 Vendor response: 13.07.2016 Date of Public Advisory: 13.09.2016 Reference: SAP Security Note 2344524 Author: Roman Bezhan ERPScan VULNERABILITY INFORMATION CVE-2016-100...
Oracle PeopleSoft – XSS vulnerability
Application: Oracle PeopleSoft Vendor: Oracle Bug: XSS Reported: 31.10.2016 Vendor response: 01.11.2016 Date of Public Advisory: 17.01.2017 Reference: Oracle CPU Jan 2017 Authors: Vahagn Vardanyan, Dmitry Yudin VULNERABILITY INFORMATION Class: XSS CWE-79 Impact: steal information Remotely...
SAP AS JAVA P4 MSPRuntimeInterface information disclosure
Application: SAP AS JAVA P4 Versions Affected: SAP AS JAVA P4 7.4 Vendor URL: SAP Bugs: Information disclosure Reported: 10.03.2016 Vendor response: 11.03.2016 Date of Public Advisory: 12.10.2016 Reference: SAP Security Note 2331908 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class...