DSECRG Advisories

[DSECRG-11-035] SAP GUI BAPI Explorer - Unauthorized execution of function

Application: SAP NetWeaver
Versions Affected: SAP NetWeaver
Vendor URL: http://www.sap.com
Bugs: Unauthorized execution
Exploits: YES
Reported: 15.02.2011
Vendor response: 16.02.2011
Date of Public Advisory: 11.11.2011
Author: Dmitriy Chastuchin

Description

SAP GUI BAPI Explorer contains a stored cross-site scripting (XSS) vulnerability that can be leveraged for unauthorized code execution on the server side.

Business Risk

A legitimate SAP user can insert a malicious script into a transaction code. When that code is later rendered in BAPI Explorer, the script executes in the context of the viewing user and can call any function without authorization or gain access to the underlying operating system.