[ERPSCAN-13-021] SAP Portal – Unvalidated redirect

Application: SAP NetWeaver JAVA
Versions Affected: SAP NetWeaver J2EE 6.40/7.02, probably others
Vendor URL: http://www.sap.com
Bugs: Information disclosure
Exploits: YES
Reported: 20.04.2013
Vendor response: 21.04.2013
Date of Public Advisory: 30.10.2013
Reference: SAP Security Note 1854826
CVSS: 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
Author: Alexander Polyakov (ERPScan)

Description
The SAP Portal redirection service takes the target URL from a request parameter and redirects the caller to it without validating it. An attacker can therefore send any user a link to this service with the target set to an attacker-controlled host (evilhost). When the user follows the link, their browser connects to evilhost, and their cookies and SAPPASSPORT are sent in the HTTP headers of that request.

Business Risk
An open redirect occurs when an application takes a URL from a request parameter and redirects the user to it without any validation. Because the link the victim sees points at a trusted host, this vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it.
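The redirect pattern described in the Description and Business Risk sections (a parameter value used as the redirect target with no check), shown beside a hardened version, as an added Python example. This is not SAP's code and is not part of the original advisory; the host name portal.example.com, the function names and the sample targets are constructed for illustration. The hardened variant goes beyond the page's single case and also rejects the usual bypasses of a naive "starts with /" check: scheme-relative targets, backslashes, embedded tabs, userinfo tricks and non-http schemes.

```python
"""Open redirect: the vulnerable pattern beside a hardened target check.

Added example, not code from SAP NetWeaver or the ERPScan advisory.
"""
from urllib.parse import urlsplit

# Constructed value: the portal's own host name (assumption for this example).
PORTAL_HOST = "portal.example.com"


def redirect_vulnerable(target: str) -> str:
    """The pattern the advisory describes: the request parameter becomes the
    Location header unchanged, so any host the attacker names is accepted."""
    return target


def redirect_hardened(target: str, portal_host: str = PORTAL_HOST) -> str:
    """Return the Location value to send, or "/" when the target is unsafe.

    Accepts only (a) a relative path inside the portal, i.e. exactly one
    leading "/" and no authority, or (b) an absolute http(s) URL whose host
    is exactly the portal host. Anything else falls back to the portal root.
    """
    if not target:
        return "/"
    # Browsers strip leading/trailing whitespace and drop tab/newline inside
    # a URL, and treat "\" like "/"; normalize the same way so the checks
    # below see what the browser will see ("/\t/evil" becomes "//evil").
    normalized = target.strip()
    normalized = "".join(ch for ch in normalized if ch not in "\t\r\n")
    normalized = normalized.replace("\\", "/")
    try:
        parts = urlsplit(normalized)
    except ValueError:  # e.g. malformed IPv6 literal in the authority
        return "/"

    if parts.scheme:
        # Absolute URL: only http/https, and the host must be ours.
        if parts.scheme not in ("http", "https"):
            return "/"
        # .hostname drops userinfo and port and lowercases, so
        # "https://portal.example.com@evil.example/" yields "evil.example".
        if parts.hostname is None or parts.hostname != portal_host:
            return "/"
        return normalized

    # No scheme: any authority ("//evil.example/", "///evil.example/") or a
    # path that does not start with a single "/" is rejected.
    if parts.netloc or not normalized.startswith("/") or normalized.startswith("//"):
        return "/"
    return normalized


# Constructed sample of targets an attacker or a legitimate link might supply.
SAMPLE_TARGETS = [
    "/irj/portal",
    "https://portal.example.com/irj/portal",
    "http://evil.example/",
    "//evil.example/",
    "/\\evil.example/",
    "/\t/evil.example/",
    "https://portal.example.com@evil.example/",
    "https://portal.example.com.evil.example/",
    "javascript:alert(1)",
]


def compare(targets=SAMPLE_TARGETS) -> dict:
    """Map each target to (vulnerable Location, hardened Location)."""
    return {t: (redirect_vulnerable(t), redirect_hardened(t)) for t in targets}


if __name__ == "__main__":
    for target, (vuln, hard) in compare().items():
        print(f"{target!r:48} vulnerable -> {vuln!r:48} hardened -> {hard!r}")
```

Only the first two sample targets survive the hardened check; every other one is sent to "/". If the portal legitimately needs to redirect to other hosts, extend the host comparison to an explicit allowlist rather than a suffix match, since "portal.example.com.evil.example" passes a suffix check.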

Defense

Apply SAP Security Note 1854826 (see Reference above). In general, a redirection endpoint must not forward users to an arbitrary URL taken from a request parameter: restrict the target to relative paths within the portal or to an allowlist of trusted hosts, and fall back to a safe default when validation fails.