SAP vulnerabilities Let Attacker Inject OS Commands—Patch Now!

by Esmeralda McKenzie

SAP has released its security updates for this month's Patch Day, fixing a large number of vulnerabilities and updating several existing CVEs. The severity of the patched bugs ranges from 4.5 (Medium) to 10.0 (Critical).

The most critical vulnerability was disclosed to be related to the Chromium browser control delivered with SAP Business Client, and it was given the highest priority.

Critical Severity Vulnerabilities

Apart from the Chromium browser control vulnerabilities, the other critical severity vulnerability is the following:

SAP ECC and SAP S/4HANA (IS-OIL) (IS-OIL-DS-HPM):

This is an OS command injection vulnerability: an unprotected parameter in a common extension allows an authenticated attacker to inject arbitrary operating system commands. The vulnerability has been assigned CVE-2023-36922 with a CVSS score of 9.1 (Critical).
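To make the vulnerability class concrete, the following is an added illustration of an "unprotected parameter" reaching the operating system, shown next to the hardened form. It is example code, not SAP's code, and says nothing about how the IS-OIL defect itself is constructed; the report-name parameter and the /srv/reports path are assumptions.

```python
import re
import shlex
import subprocess

# Constructed example of OS command injection through an unchecked parameter.
# Not SAP's code: the "report name" parameter and /srv/reports are assumptions.
SAFE_NAME = re.compile(r"[A-Za-z0-9_.-]{1,64}")


def build_command_vulnerable(report_name: str) -> str:
    """Vulnerable pattern: the unchecked parameter is spliced into a shell string.
    A value such as 'q1; id' ends the intended command and runs 'id' as the
    service account; '$(...)' and backticks work the same way."""
    return f"cat /srv/reports/{report_name}"


def run_vulnerable(report_name: str) -> str:
    # shell=True hands the string to /bin/sh, so ; | & $( ) ` and newlines inside
    # report_name are parsed as shell syntax rather than as part of a file name.
    completed = subprocess.run(build_command_vulnerable(report_name),
                               shell=True, capture_output=True, text=True)
    return completed.stdout


def is_valid_report_name(report_name: str) -> bool:
    """Hardening step 1: a positive allow-list for the parameter (no shell
    metacharacters, no path separators, bounded length). fullmatch anchors
    both ends, so 'q1.txt; id' cannot pass on a partial match."""
    return SAFE_NAME.fullmatch(report_name) is not None


def build_argv_hardened(report_name: str) -> list:
    """Hardening step 2: build an argv list, never a shell string. Each element is
    delivered to the program as exactly one argument, so there is no shell left
    to inject into even if validation were ever loosened."""
    if not is_valid_report_name(report_name):
        raise ValueError(f"rejected report name: {report_name!r}")
    return ["cat", f"/srv/reports/{report_name}"]


def run_hardened(report_name: str) -> str:
    completed = subprocess.run(build_argv_hardened(report_name),
                               shell=False, capture_output=True, text=True)
    return completed.stdout


def has_shell_metacharacters(value: str) -> bool:
    """Review helper for auditing inputs: shlex.quote returns its argument
    unchanged only when every character is shell-safe, so any change means
    /bin/sh would reinterpret the value."""
    return shlex.quote(value) != value


if __name__ == "__main__":
    for name in ("q1.txt", "q1; id", "$(id)", "q1\nid"):
        print(f"{name!r:12} valid={is_valid_report_name(name)!s:5} "
              f"shell_risky={has_shell_metacharacters(name)!s:5} "
              f"vulnerable_cmd={build_command_vulnerable(name)!r}")
```

The two hardening steps are independent: the argv form removes the shell from the picture, and the allow-list keeps the parameter from steering the program in other ways (for example into a different file). Either one alone is weaker than both.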

High Severity Vulnerabilities

SAP NetWeaver (BI CONT ADD ON) (BW-BCT-GEN):

This is a directory traversal vulnerability that allows a threat actor to read potentially sensitive OS files and overwrite them to compromise the system. It was assigned CVE-2023-33989 with a CVSS score of 8.7 (High).
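The following added example shows why "join the user-supplied path onto a base directory" is not a traversal check, and what a real check looks like. It is illustration code for the vulnerability class and not SAP's code; the /srv/reports document root and the file-serving endpoint it implies are assumptions.

```python
import posixpath
from urllib.parse import unquote

# Assumed document root for a hypothetical file-serving endpoint (constructed
# example, not SAP's code).
BASE_DIR = "/srv/reports"


def resolve_vulnerable(base: str, user_path: str) -> str:
    """Vulnerable pattern: join and normalise, but never check the result.
    '../' components collapse to a path above base, and an absolute user_path
    replaces base entirely because posixpath.join discards everything before it."""
    return posixpath.normpath(posixpath.join(base, user_path))


def resolve_hardened(base: str, user_path: str):
    """Hardened: decode once, reject NUL bytes and absolute paths, normalise, then
    confirm the result is base itself or lies strictly below base + '/'.
    Returns the safe absolute path, or None when the request must be refused."""
    decoded = unquote(user_path)            # catches %2e%2e%2f style encoding
    if "\x00" in decoded or decoded.startswith("/"):
        return None
    base_norm = posixpath.normpath(base)
    candidate = posixpath.normpath(posixpath.join(base_norm, decoded))
    # The trailing '/' matters: '/srv/reports_old' starts with '/srv/reports'
    # but is not inside it.
    if candidate != base_norm and not candidate.startswith(base_norm + "/"):
        return None
    return candidate


def is_traversal(base: str, user_path: str) -> bool:
    """True when the input would escape base under the hardened rules."""
    return resolve_hardened(base, user_path) is None


if __name__ == "__main__":
    for p in ("q1/2023.csv", "q1/../2023.csv", "../../etc/passwd",
              "%2e%2e/%2e%2e/etc/passwd", "/etc/passwd", "../reports_old/x"):
        print(f"{p!r:28} vulnerable->{resolve_vulnerable(BASE_DIR, p)!r:26} "
              f"hardened->{resolve_hardened(BASE_DIR, p)!r}")
```

On a real filesystem, follow the string check with os.path.realpath on the accepted path and repeat the prefix comparison, because a symlink inside the document root can point outside it and no amount of string normalisation will see that.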

SAP Web Dispatcher (BC-CST-WDP):

This is a request smuggling and request concatenation vulnerability that allows a threat actor to read or modify data, or to make the server unavailable. It has been assigned CVE-2023-33987 with a CVSS score of 8.6 (High).
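Request smuggling and request concatenation are two sides of one framing problem: when two components on the path disagree about where a request body ends, the leftover bytes are read as the start of the next request on the same connection. The added example below demonstrates this on a constructed request in which Content-Length and Transfer-Encoding disagree, and includes the checks a front end should apply before forwarding. It is general illustration code, not SAP Web Dispatcher code, and it says nothing about the specific defect; the hostnames and paths are made up.

```python
# Constructed illustration of HTTP request framing ambiguity (request smuggling)
# and the resulting request concatenation. Not SAP Web Dispatcher code; the
# host app.internal and the /search and /admin paths are assumptions.

SMUGGLED_REQUEST = b"GET /admin HTTP/1.1\r\nHost: app.internal\r\n\r\n"
_BODY = b"0\r\n\r\n" + SMUGGLED_REQUEST      # an empty chunked body, then more bytes
RAW_CLTE = (
    b"POST /search HTTP/1.1\r\n"
    b"Host: app.internal\r\n"
    b"Content-Length: " + str(len(_BODY)).encode() + b"\r\n"
    b"Transfer-Encoding: chunked\r\n"
    b"\r\n"
    + _BODY
)


def parse_request(raw: bytes):
    """Split a raw request into (request line, [(lower-cased name, value)], body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0].decode("ascii"), headers, body


def body_by_content_length(headers, body: bytes):
    """How a Content-Length parser frames the body: returns (body, leftover)."""
    length = int(next(v for n, v in headers if n == b"content-length").decode("ascii"))
    return body[:length], body[length:]


def body_by_chunked(body: bytes):
    """How a Transfer-Encoding: chunked parser frames the body: (body, leftover).
    Whatever follows the terminating empty chunk is treated as the start of the
    NEXT request on the connection; that is the concatenation."""
    pos, out = 0, b""
    while True:
        line_end = body.index(b"\r\n", pos)
        size = int(body[pos:line_end].split(b";")[0].decode("ascii"), 16)
        pos = line_end + 2
        if size == 0:
            while body[pos:pos + 2] != b"\r\n":      # skip optional trailer lines
                pos = body.index(b"\r\n", pos) + 2
            return out, body[pos + 2:]
        out += body[pos:pos + size]
        pos += size + 2                               # chunk data, then CRLF


def smuggling_indicators(headers) -> list:
    """Framing ambiguities a front end should reject instead of forwarding."""
    cl = [v for n, v in headers if n == b"content-length"]
    te = [v for n, v in headers if n == b"transfer-encoding"]
    findings = []
    if cl and te:
        findings.append("both Content-Length and Transfer-Encoding present")
    if len(set(cl)) > 1:
        findings.append("conflicting Content-Length values")
    for v in te:
        tokens = [t.strip() for t in v.lower().split(b",")]
        if tokens[-1] != b"chunked" or any(t != b"chunked" and b"chunked" in t for t in tokens):
            findings.append("unusual Transfer-Encoding: " + v.decode("latin-1"))
    return findings


if __name__ == "__main__":
    req_line, headers, body = parse_request(RAW_CLTE)
    print(req_line, smuggling_indicators(headers))
    print("CL framing :", body_by_content_length(headers, body))
    print("TE framing :", body_by_chunked(body))
```

With the constructed request, a Content-Length front end forwards all of the bytes as one request, while a chunked back end finishes the body at the empty chunk and then parses the smuggled GET /admin as a second request that never passed the front end's checks. The mitigation is to make every hop apply the same framing rule and to refuse requests that carry the ambiguities that smuggling_indicators flags.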

SAP SQL Anyplace (BC-SYB-SQA-SRV):

This is a Denial of Service (DoS) vulnerability in the shared memory objects that allows a low-privileged attacker with local system access to make the system unavailable to legitimate users by crashing the service.

The vulnerability was assigned CVE-2023-33990 with a CVSS score of 7.8 (High).

SAP Web Dispatcher (BC-CST-WDP):

This is a memory corruption vulnerability that allows a threat actor to trigger memory corruption through logical errors in memory management, which may result in information disclosure or a system crash. It has been assigned CVE-2023-35871 with a CVSS score of 7.7 (High).

SAP Solution Manager (Diagnostics agent) (SV-SMG-DIA-SRV-AGT):

These are an unauthenticated SSRF vulnerability and a header injection vulnerability. The SSRF vulnerability allows an unauthenticated threat actor to craft malicious HTTP requests, with an impact on availability and confidentiality.

The header injection vulnerability allows an attacker to serve poisoned content to the server by tampering with the headers of a client request.

The two vulnerabilities were assigned CVE-2023-36925 and CVE-2023-36921, and both have a CVSS score of 7.2 (High).

Medium Severity Vulnerabilities

Vulnerability Title | CVE ID | Description
SAP NetWeaver Process Integration (BC-XI-IS-WKB) | CVE-2023-35872, CVE-2023-35873 | Certain functionalities of the Message Display Tool in SAP NetWeaver Process Integration lack authentication checks.
SAP NetWeaver AS ABAP and ABAP Platform (BC-MID-RFC) | CVE-2023-35874 | Improper authentication for certain conditions that require client identity, allowing malicious actors to attack the network and extend the scope of the impact.
SAP Enable Now (KM-SEN-MGR) | (not listed) | Multiple vulnerabilities were addressed in this product.
SAP S/4HANA (Manage Journal Entry Template) (FI-FIO-GL-TRA) | CVE-2023-35870 | Journal entry template creation can be intercepted and modified, impacting confidentiality and integrity; it can also lead to the deletion of standard templates.
SAP BusinessObjects Business Intelligence Platform (BI-BIP-SRV) | CVE-2023-36917 | No rate limit on the password change functionality, allowing brute force of the old password on a hijacked session.
SAP NetWeaver AS for Java (Log Viewer) (BC-JAS-SEC) | CVE-2023-31405 | An unauthenticated request by a threat actor can cause unwarranted modifications to a system log without user interaction.
SAP ERP Defense Forces and Public Security (IS-DFS-BIT-DIS) | CVE-2023-36924 | An authenticated attacker with admin privileges can write arbitrary data to the syslog file, compromising application integrity.
SAP Business Warehouse and SAP BW/4HANA (BW-BEX-OT-BICS-PROV) | CVE-2023-33992 | Exposure of unauthorized cell values; exploitation requires authorizations at the query and key figure/measure level.

Customers running these products are advised to follow the SAP security advisories and apply the patches promptly to prevent exploitation by threat actors.

Source credit : cybersecuritynews.com
