Close

HAVE QUESTIONS?

A partner account manager can help. Contact us today.

Subscribe me to your mailing list

[ERPSCAN-16-019] SAP NetWeaver Enqueue Server – DoS vulnerability

Application: SAP AS JAVA
Versions Affected: SAP AS JAVA 7.1 - 7.4
Vendor URL: SAP
Bugs: Denial of Service
Reported: 04.12.2015
Vendor response: 05.12.2015
Date of Public Advisory: 12.04.2016
Reference: SAP Security Note 2258784
Author: Vahagn Vardanyan (ERPScan)

VULNERABILITY INFORMATION

Class: denial of service
Impact: denial of service
Remotely Exploitable: Yes
Locally Exploitable: No
CVE: CVE-2016-4015

CVSS Information

CVSS v3 Base Score: 7.5 / 10
CVSS v3 Base Vector:

AV: Attack Vector (Related exploit range) Network (N)
AC: Attack Complexity (Required attack complexity) Low (L)
PR: Privileges Required (Level of privileges needed to exploit) None (N)
UI: User Interaction (Required user participation) None (N)
S: Scope (Change in scope due to impact caused to components beyond the vulnerable component) Unchanged (U)
C: Impact to Confidentiality None (N)
I: Impact to Integrity None (N)
A: Impact to Availability High (H)

Description

Anonymous attacker can use a special request to cause a denial of service in SAP Enqueue.

Business risk

An attacker can use a Denial of service vulnerability to terminate a process of the vulnerable component. For this time, nobody can use this service, which negatively influences on business processes, system downtime, and business reputation as result.

VULNERABLE PACKAGES

SAP NetWeaver Enqueue Server 7.4
Other versions are probably affected too, but they were not checked.

SOLUTIONS AND WORKAROUNDS

To correct this vulnerability, install SAP Security Note 2258784

TECHNICAL DESCRIPTION

Enqueue Server allows an anonymous attacker to prevent legitimate users from accessing the service, either by crashing or flooding it.

To reproduce this vulnerability, send to Enqueue server the following TCP data