Lucene search
ERPScan1337DAY-ID-25050HistoryMay 19, 2016 - 12:00 a.m.
SAP NetWeaver AS JAVA 7.1 < 7.5 - Information Disclosure
2016-05-1900:00:00
ERPScan
0day.today
52
0.013 Low
EPSS
Percentile
85.6%
Exploit for java platform in category web applications
Application:SAP NetWeaver AS JAVA
Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5
Vendor URL: http://SAP.com
Bugs: information disclosure
Sent: 15.09.2015
Reported: 15.09.2015
Vendor response: 16.09.2015
Date of Public Advisory: 09.02.2016
Reference: SAP Security Note 2256846
Author: Vahagn Vardanyan (ERPScan)
Description
1. ADVISORY INFORMATION
Title: SAP NetWeaver AS JAVA β information disclosure vulnerability
Advisory ID: [ERPSCAN-16-010]
Risk: Medium
Advisory URL: https://erpscan.com/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/
Date published: 09.02.2016
Vendors contacted: SAP
2. VULNERABILITY INFORMATION
Class: Information disclosure
Impact: Resource consumption
Remotely Exploitable: Yes
Locally Exploitable: No
CVE: CVE-2016-2388
CVSS Information
CVSS Base Score v3: 5.3 / 10
CVSS Base Vector:
AV : Access Vector (Related exploit range) Network (N)
AC : Access Complexity (Required attack complexity) Low (L)
Au : Authentication (Level of authentication needed to exploit) None (N)
C : Impact to Confidentiality Low(N)
I : Impact to Integrity None(N)
A : Impact to Availability None (N)
3. VULNERABILITY DESCRIPTION
Anonymous attacker can use a special HTTP request to get information
about SAP NetWeaver users.
4. VULNERABLE PACKAGES
SAP NetWeaver AS JAVA 7.1- 7.5
Other versions are probably affected too, but they were not checked.
5. SOLUTIONS AND WORKAROUNDS
To correct this vulnerability, install SAP Security Note 2256846
6. AUTHOR
Vahagn Vardanyan (ERPScan)
7. TECHNICAL DESCRIPTION
An attacker can use Information disclosure vulnerability to reveal
additional information (system data, debugging information, etc) that
will help him to learn more about a system and to plan further
attacks.
Steps to exploit this vulnerability
1. Open http://SAP:50000/webdynpro/resources/sap.com/XXX/JWFTestAddAssignees#
page on SAP server
2. Press "Choose" button
3. In the opened window press βSearchβ
You will get a list of SAP users
8. REPORT TIMELINE
Sent: 15.09.2015
Reported: 15.09.2015
Vendor response: 16.09.2015
Date of Public Advisory: 09.02.2016
9. REFERENCES
https://erpscan.com/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/
# 0day.today [2018-01-04] #Related
cisa_kev
cisa_kev
SAP NetWeaver Information Disclosure Vulnerability
2022-06-09 00:00:00
cvelist
cvelist
CVE-2016-2388
2016-02-16 15:00:00
nvd
nvd
CVE-2016-2388
2016-02-16 15:59:02
cve
cve
CVE-2016-2388
2016-02-16 15:59:02
exploitpack
exploitpack
SAP NetWeaver AS JAVA 7.1 7.5 - Information Disclosure
2016-05-19 00:00:00
SAP NetWeaver J2EE Engine 7.40 - SQL Injection
2018-01-10 00:00:00
attackerkb
attackerkb
CVE-2016-2388
2016-02-16 00:00:00
erpscan
erpscan
SAP NetWeaver AS JAVA - information disclosure vulnerability
2015-09-15 00:00:00
prion
prion
Design/Logic Flaw
2016-02-16 15:59:00
checkpoint_advisories
checkpoint_advisories
SAP NetWeaver Information Disclosure (CVE-2016-2388)
2022-07-20 00:00:00
packetstorm
packetstorm
SAP NetWeaver AS JAVA 7.5 Information Disclosure
2016-05-19 00:00:00
SAP NetWeaver J2EE Engine 7.40 SQL Injection
2018-01-12 00:00:00
nessus
nessus
SAP NetWeaver AS Java Information Disclosure (2256846)
2022-06-16 00:00:00
exploitdb
exploitdb
SAP NetWeaver AS JAVA 7.1 < 7.5 - Information Disclosure
2016-05-19 00:00:00
SAP NetWeaver J2EE Engine 7.40 - SQL Injection
2018-01-10 00:00:00
zdt
zdt
SAP NetWeaver J2EE Engine 7.40 - SQL Injection Exploit
2018-01-11 00:00:00
openvas
openvas
SAP NetWeaver AS Java Multiple Vulnerabilities (2101079, 2191290, 2256846)
2016-05-23 00:00:00