CVE-2016-3975 – SAP NetWeaver AS JAVA 7.5 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2016-3975
Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, aka SAP Security Note 2238375. Vulnerabilidad de XSS en SAP NetWeaver AS Java 7.1 hasta la versión 7.5 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro navigationTarget para irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, también conocida como SAP Security Note 2238375. SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a cross site scripting vulnerability. • http://packetstormsecurity.com/files/137529/SAP-NetWeaver-AS-JAVA-7.5-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2016/Jun/42 https://erpscan.io/advisories/erpscan-16-014-sap-netweaver-7-4-navigationurltester https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-3974 – SAP NetWeaver AS JAVA 7.1 < 7.5 - 'ctcprotocol Servlet' XML External Entity
https://notcve.org/view.php?id=CVE-2016-3974
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~webservice~web/ServerNodesWSService, aka SAP Security Note 2235994. Vulnerabilidad de XXE en Configuration Wizard en SAP NetWeaver Java AS 7.1 hasta la versión 7.5 permite a atacantes remotos provocar una denegación de servicio, llevar a cabo ataques SMB Relay o acceder a archivos arbitrarios a través de una petición XML manipulada para _tc~monitoring~webservice~web/ServerNodesWSService, también conocida como SAP Security Note 2235994. SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from an XML external entity injection vulnerability. • https://www.exploit-db.com/exploits/39995 http://packetstormsecurity.com/files/137527/SAP-NetWeaver-AS-JAVA-7.5-XXE-Injection.html http://seclists.org/fulldisclosure/2016/Jun/41 https://erpscan.io/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2016-3973 – SAP NetWeaver AS JAVA 7.5 Information Disclosure
https://notcve.org/view.php?id=CVE-2016-3973
The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, pressing "Add users", and doing a search, aka SAP Security Note 2255990. La característica de chat en los servicios Real-Time Collaboration (RTC) 7.3 y 7.4 en SAP NetWeaver Java AS 7.1 hasta la versión 7.5 permite a atacantes remotos obtener información sensible de usuario visitando webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, presionando "Add users" y haciendo una búsqueda, también conocido como SAP Security Note 2255990. SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer form an information disclosure vulnerability in WD_CHAT. • http://packetstormsecurity.com/files/137579/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html http://seclists.org/fulldisclosure/2016/Jun/46 https://erpscan.io/advisories/erpscan-16-016-sap-netweaver-7-4-information-disclosure-wd_chat https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-2388 – SAP NetWeaver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-2388
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846. El Universal Worklist Configuration en SAP NetWeaver AS JAVA 7.4 permite a los atacantes remotos obtener información sensible de los usuarios a través de una solicitud HTTP manipulada, también conocida como SAP Security Note 2256846 SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from an information disclosure vulnerability. The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request. • https://www.exploit-db.com/exploits/43495 https://www.exploit-db.com/exploits/39841 http://packetstormsecurity.com/files/137128/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html http://packetstormsecurity.com/files/145860/SAP-NetWeaver-J2EE-Engine-7.40-SQL-Injection.html http://seclists.org/fulldisclosure/2016/May/55 https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-2386 – SAP NetWeaver SQL Injection Vulnerability
https://notcve.org/view.php?id=CVE-2016-2386
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079. Vulnerabilidad de inyección SQL en el servidor UDDI en SAP NetWeaver J2EE Engine 7.40 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de vectores no especificados, también conocida como SAP Security Note 2101079. SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a remote SQL injection vulnerability. SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. • https://www.exploit-db.com/exploits/43495 https://www.exploit-db.com/exploits/39840 https://github.com/murataydemir/CVE-2016-2386 http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html http://seclists.org/fulldisclosure/2016/May/56 https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review https://github.com/vah13/SAP_exploit • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •