[ERPSCAN-16-031] SAP NetWeaver AS ABAP – directory traversal using READ DATASET

Application: SAP NetWeaver AS ABAP
Versions Affected: SAP NetWeaver AS ABAP 7.4
Vendor URL: SAP
Bugs: Directory traversal
Reported: 22.04.2016
Vendor response: 23.04.2016
Date of Public Advisory: 08.08.2016
Reference: SAP Security Note 2312966
Author: Daria Prosochkina (ERPScan)


An attacker may be able to read the contents of unexpected files and expose sensitive data. If a targeted file is used as a security mechanism, then the attacker may be able to bypass that mechanism. For example, by reading a password file, the attacker could conduct brute force password guessing attacks in order to break into an account on the system.

Business risk

An attacker can use directory traversal to access arbitrary files and directories on the SAP server filesystem, including application source code, configuration files and system files. This allows an attacker to obtain critical technical and business-related information stored in the vulnerable SAP system.
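The advisory names READ DATASET as the affected statement but does not show the vulnerable code, and SAP Security Note 2312966 is the vendor's fix. The following is an added illustration, not code from the advisory, from ERPScan or from SAP, of the defensive pattern an ABAP developer would apply to any report that reads a server file from a caller-supplied name: reject traversal characters before touching the filesystem, prefix a fixed base directory, and let the kernel enforce the S_DATASET authorization object before OPEN DATASET / READ DATASET run. The report name, the base directory and the parameter name are assumptions chosen for the example.

```abap
" Added example (hypothetical report, not part of the advisory or of SAP Note 2312966).
" Shows a caller-supplied file name being validated before READ DATASET is used.
REPORT z_safe_read_dataset.

" Caller-supplied file name; in the vulnerable pattern this value is passed
" straight to OPEN DATASET / READ DATASET without any validation.
PARAMETERS: p_file TYPE string LOWER CASE.

" Assumed allowed directory; only files directly inside it may be read.
CONSTANTS: gc_base TYPE string VALUE '/usr/sap/trans/data/'.

DATA: lv_path TYPE string,
      lv_line TYPE string.

" 1. Reject traversal sequences and any path separator, so the name cannot
"    escape gc_base (this blocks '..', backslashes and absolute paths alike).
IF p_file IS INITIAL OR p_file CS '..' OR p_file CS '\' OR p_file CA '/'.
  MESSAGE 'File name rejected: only a plain file name is allowed' TYPE 'E'.
ENDIF.

" 2. Build the physical path from the fixed base directory only; the caller
"    never controls the directory part.
lv_path = gc_base && p_file.

" 3. Ask the kernel to enforce S_DATASET read access (ACTVT 33) for this
"    program and file name before the file is opened.
AUTHORITY-CHECK OBJECT 'S_DATASET'
  ID 'PROGRAM'  FIELD sy-repid
  ID 'ACTVT'    FIELD '33'
  ID 'FILENAME' FIELD lv_path.
IF sy-subrc <> 0.
  MESSAGE 'Not authorized to read this file' TYPE 'E'.
ENDIF.

" 4. Only now open and read the file. OPEN DATASET sets sy-subrc <> 0 when the
"    file cannot be opened; READ DATASET sets sy-subrc <> 0 at end of file.
OPEN DATASET lv_path FOR INPUT IN TEXT MODE ENCODING DEFAULT.
IF sy-subrc <> 0.
  MESSAGE 'File could not be opened' TYPE 'E'.
ENDIF.

DO.
  READ DATASET lv_path INTO lv_line.
  IF sy-subrc <> 0.
    EXIT.
  ENDIF.
  WRITE: / lv_line.
ENDDO.

CLOSE DATASET lv_path.
```

The order matters: the character check and the fixed prefix remove the caller's ability to choose a directory, and the S_DATASET check ties the remaining file name to an authorization that administrators can audit in the role design. Logical file names maintained in transaction FILE are an alternative to a hard-coded base directory, but the validation steps above apply to both approaches.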