Close

HAVE QUESTIONS?

A partner account manager can help. Contact us today.

[ERPSCAN-16-011] SAP NetWeaver AS JAVA – SQL injection vulnerability

Application: SAP NetWeaver AS JAVA
Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5
Vendor URL: SAP
Bugs: SQL injection
Reported: 18.08.2015
Vendor response: 19.08.2015
Date of Public Advisory: 09.02.2016
Reference: SAP Security Note 2101079
Author: Vahagn Vardanyan (ERPScan)

VULNERABILITY INFORMATION
Class: SQL injection
Impact: Resource consumption
Remotely Exploitable: Yes
Locally Exploitable: No
CVE: 2016-2386
CVSS Information
CVSS Base Score v3: 9.1 / 10
CVSS Base Vector:

AV : Access Vector (Related exploit range) Network (N)
AC : Access Complexity (Required attack complexity) Low (L)
Au : Authentication (Level of authentication needed to exploit) None (N)
C : Impact to Confidentiality High (H)
I : Impact to Integrity High(H)
A : Impact to Availability None (N)

Description
An SQL injection vulnerability means that a code comprises an SQL statement that contains strings that can be altered by an attacker. The manipulated SQL statement can be used to gain additional data from the database or to modify the information.

Business Risk
By exploiting this vulnerability, an internal or external attacker can escalate their privileges. This access allows obtaining sensitive technical and business-related information stored in the vulnerable SAP system.

VULNERABLE PACKAGES
SAP NetWeaver AS JAVA 7.1 - 7.5

SOLUTIONS AND WORKAROUNDS
To correct this vulnerability, install SAP Security Note 2101079

TECHNICAL DESCRIPTION
By exploiting this vulnerability, an internal or external attacker can escalate their privileges. This access allows obtaining sensitive technical and business-related information stored in the vulnerable SAP system.
PoC