DSECRG Advisories

[DSECRG-12-026] SAP NetWeaver RZL_READ_DIR_LOCAL – missing authorization check and SMB Relay vulnerability

Application: SAP NetWeaver
Versions Affected: SAP NetWeaver
Vendor URL: http://www.sap.com
Bugs: Missing auth check
Exploits: YES
Reported: 13.05.2011
Vendor response: 15.05.2011
Date of Public Advisory: 13.03.2012
Reference: SAP Note 1595074
Author: Alexey Tyurin (ERPScan)

Description

Missing authorization check in RFC function RZL_READ_DIR_LOCAL.

Business Risk

An attacker can execute the vulnerable transaction, program or RFC function remotely without authentication because the authorization check is missing. This can lead to various threats, from information disclosure to full system compromise.