Vulnerability Details CVE-2017-16679
URL redirection vulnerability in SAP's Startup Service, SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.52, that allows an attacker to redirect users to a malicious site.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 5.8
References
- http://www.securityfocus.com/bid/102157
- https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
- https://launchpad.support.sap.com/#/notes/2520995
- http://www.securityfocus.com/bid/102157
- https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
- https://launchpad.support.sap.com/#/notes/2520995
Products affected by CVE-2017-16679
-
cpe:2.3:o:sap:sap_kernel:7.21
-
cpe:2.3:o:sap:sap_kernel:7.21ext
-
cpe:2.3:o:sap:sap_kernel:7.22
-
cpe:2.3:o:sap:sap_kernel:7.22ext
-
cpe:2.3:o:sap:sap_kernel:7.45
-
cpe:2.3:o:sap:sap_kernel:7.49
-
cpe:2.3:o:sap:sap_kernel:7.52