SAP Security Notes June 2012: focus on espionage
SAP has released its monthly critical patch update for June 2012, which closes a number of vulnerabilities in SAP products. This month, two vulnerabilities found by ERPScan researchers Alexander Polyakov, Dmitriy Chastukhin, Alexey Tyurin and Alexander Minozhenko were closed. They affect two widely deployed SAP platforms, SAP Portal and SAP PI (Process Integration), which are typically exposed to untrusted networks such as the Internet or a public corporate network. Both vulnerabilities allow unauthorized access to sensitive technical and business information stored in the vulnerable SAP system or in systems connected to it, which makes them well suited to espionage by competitors.
The detailed list of corrected vulnerabilities is below:
- A vulnerability in SAP Process Integration. The fix is available in SAP Security Note 1707494. The CVSS base score is 8.5. By exploiting this vulnerability, an internal or external attacker can read any file in the SAP server file system that the server process can access, cause a denial of service, and pivot to connected systems. The file read alone exposes sensitive technical and business information stored on the vulnerable SAP system (configuration files, credentials and application data).
- A directory traversal vulnerability in SAP Portal. The fix is available in SAP Security Note 1705800. The CVSS base score is 4.9. By exploiting this vulnerability, an internal or external attacker can read any file in the SAP server file system that the server process can access, and thereby obtain sensitive technical and business information stored on the vulnerable SAP system.
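To make the directory traversal item concrete, here is an added example (written for this post in Python for brevity; it is not ERPScan's advisory code and not SAP Portal's Java implementation): a minimal file-serving handler written the naive way next to a hardened version, both run against a scratch document root. The directory layout, file names, secret value and request strings are constructed for illustration; the actual SAP Portal flaw is not reproduced here.

```python
"""Directory traversal: a vulnerable file handler beside a hardened one.

Added example, not ERPScan's or SAP's code. The document root, file names,
secret value and request strings are constructed for illustration only.
"""
import os
import shutil
import tempfile
from pathlib import Path
from urllib.parse import unquote

SECRET = b"db.password=hunter2\n"   # constructed sample secret, stored outside the web root


def serve_vulnerable(base_dir: str, requested: str) -> bytes:
    """Naive handler: joins the request path onto the document root.

    '../' segments, plain or URL-encoded, walk out of base_dir, so any file
    readable by the server process becomes downloadable.
    """
    path = os.path.join(base_dir, unquote(requested))
    with open(path, "rb") as f:
        return f.read()


def serve_hardened(base_dir: str, requested: str) -> bytes:
    """Hardened handler: decode once, canonicalise, then verify containment.

    Decoding happens before any check, so '%2e%2e%2f' cannot slip past a
    string filter. Path.resolve() follows symlinks, so a link pointing outside
    the root is caught as well. Absolute request paths are refused outright
    because pathlib's '/' operator would replace the root with them.
    """
    decoded = unquote(requested)
    if decoded.startswith(("/", "\\")) or Path(decoded).is_absolute():
        raise PermissionError("absolute paths are not allowed")
    root = Path(base_dir).resolve()
    target = (root / decoded).resolve()
    # Containment is decided on the canonical path, never on the raw string.
    if target != root and root not in target.parents:
        raise PermissionError(f"path escapes document root: {requested}")
    if not target.is_file():
        raise FileNotFoundError(requested)
    return target.read_bytes()


def is_rejected(base_dir: str, requested: str) -> bool:
    """True if the hardened handler refuses the request as a traversal."""
    try:
        serve_hardened(base_dir, requested)
    except PermissionError:
        return True
    return False


def demo() -> dict:
    """Build a scratch web root with one public file and a secret one level
    above it, then run both handlers against a benign request, three traversal
    encodings and an absolute path. Returns what each handler did."""
    tmp = Path(tempfile.mkdtemp())
    try:
        root = tmp / "htdocs"
        root.mkdir()
        (root / "index.html").write_bytes(b"<html>public</html>")
        (tmp / "secret.properties").write_bytes(SECRET)

        attacks = [
            "../secret.properties",        # plain traversal
            "%2e%2e/secret.properties",    # URL-encoded dots
            "..%2fsecret.properties",      # URL-encoded slash
        ]
        return {
            "benign_vulnerable": serve_vulnerable(str(root), "index.html"),
            "benign_hardened": serve_hardened(str(root), "index.html"),
            "leaked_by_vulnerable": [a for a in attacks
                                     if serve_vulnerable(str(root), a) == SECRET],
            "blocked_by_hardened": [a for a in attacks if is_rejected(str(root), a)],
            "absolute_rejected": is_rejected(str(root), "/etc/passwd"),
        }
    finally:
        shutil.rmtree(tmp, ignore_errors=True)


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the hardened version is the order of operations: decode the request exactly once, build the canonical path, and only then compare it against the canonical document root. Checking the raw string for `..` is what encoded and double-encoded variants are designed to get past, and it says nothing about symlinks inside the root.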
As in previous months, SAP has credited the ERPScan researchers who reported these vulnerabilities on its acknowledgement page.
Both issues should be patched promptly: the affected components are the ones most likely to be reachable from outside the organization, and the file-read primitive is enough to expose credentials and configuration that lead further into the landscape.
Advisories for those issues are available at ERPScan.com.
Exploits will be available soon in ERPScan Security Scanner, the innovative SAP vulnerability assessment solution, and ERPScan SaaS.