Sap: Security Vulnerabilities
A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll (located in your Syswow64 / System32 folder) from the folder the executable is in and not from the system location. The desired behavior is that system dlls are only loaded from the system folders. If a dll with the same name as the system dll is located in the same folder as the executable, this dll is loaded and code is executed.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-12-12
SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31,7.40, from 7.50 to 7.52) supports upload of digitally signed note file of type 'SAR'. The digital signature verification is done together with the extraction of note file contained in the SAR archive. It is possible to append a tampered file to the SAR archive using SAPCAR tool and during the extraction, digital signature verification fails but the tampered file is extracted.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-12-12
Cross-Site Scripting (XSS) exists in SAP Business Objects Financial Consolidation before 2017-06-13, aka SAP Security Note 2422292.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-12-03
Xpress Server in SAP POS does not require authentication for read/write/delete file access. This is SAP Security Note 2520064.
CVSS Score
9.8
EPSS Score
0.005
Published
2017-10-16
The Java component in SAP CRM has CSRF. This is SAP Security Note 2478964.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-10-16
SAP Hostcontrol does not require authentication for the SOAP SAPControl endpoint. This is SAP Security Note 2442993.
CVSS Score
7.5
EPSS Score
0.026
Published
2017-10-16
Xpress Server in SAP POS does not require authentication for file read and erase operations, daemon shutdown, terminal read operations, or certain attacks on credentials. This is SAP Security Note 2520064.
CVSS Score
9.8
EPSS Score
0.006
Published
2017-10-16
The Java administration console in SAP CRM has XSS. This is SAP Security Note 2478964.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-10-16
Cross site scripting (XSS) vulnerability in SAP Enterprise Portal 7.50 allows remote attackers to inject arbitrary web script or HTML, aka SAP Security Notes 2469860, 2471209, and 2488516.
CVSS Score
6.1
EPSS Score
0.005
Published
2017-09-29
The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181.
CVSS Score
7.5
EPSS Score
0.008
Published
2017-09-19