Page 8 of 42 results (0.005 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, aka SAP Security Note 2406783. La vulnerabilidad de tipo cross-site-scripting (XSS) en el servlet ctcprotocol/Protocol en SAP NetWeaver AS JAVA versión 7.3 permite a los atacantes remotos inyectar scripts web arbitrarios o HTML por medio del parámetro sessionID, también se conoce como Nota de Seguridad de SAP 2406783. • http://www.securityfocus.com/bid/97566 https://erpscan.io/advisories/erpscan-17-017-sap-netweaver-java-7-3-java-xss-ctcprotocolprotocol-servlet • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 21%CPEs: 1EXPL: 0

The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a "Detour" attack. El Invoker Servlet sobre plataformas SAP NetWeaver Application Server Java, posiblemente en versiones anteriores a 7.3, no requiere autenticación, loq ue permite a atacantes remotos ejecutar código arbitrario a través de una petición HTTP o HTTPS, según se ha explotado activamente desde 2013 hasta 2016, también conocido como un ataque "Detour". SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via a HTTP or HTTPS request. • http://service.sap.com/sap/support/notes/1445998 http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions http://www.securityfocus.com/bid/48925 http://www.securityfocus.com/bid/90533 http://www.us-cert.gov/ncas/alerts/TA16-132A https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications •

CVSS: 7.5EPSS: 97%CPEs: 1EXPL: 3

Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971. Vulnerabilidad de salto de directorio en SAP NetWeaver AS Java 7.1 hasta la versión 7.5 permite a atacantes remotos leer archivos arbitrarios a través de ..\ (punto punto barra invertida) en el parámetro fileName para CrashFileDownloadServlet, también conocida como SAP Security Note 2234971. SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a directory traversal vulnerability. SAP NetWeaver Application Server Java Platforms contains a directory traversal vulnerability via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet. This allows remote attackers to read files. • https://www.exploit-db.com/exploits/39996 http://packetstormsecurity.com/files/137528/SAP-NetWeaver-AS-JAVA-7.5-Directory-Traversal.html http://seclists.org/fulldisclosure/2016/Jun/40 https://erpscan.io/advisories/erpscan-16-012 https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review https://launchpad.support.sap.com/#/notes/2234971 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2

Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, aka SAP Security Note 2238375. Vulnerabilidad de XSS en SAP NetWeaver AS Java 7.1 hasta la versión 7.5 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro navigationTarget para irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, también conocida como SAP Security Note 2238375. SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a cross site scripting vulnerability. • http://packetstormsecurity.com/files/137529/SAP-NetWeaver-AS-JAVA-7.5-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2016/Jun/42 https://erpscan.io/advisories/erpscan-16-014-sap-netweaver-7-4-navigationurltester https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 3

XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~webservice~web/ServerNodesWSService, aka SAP Security Note 2235994. Vulnerabilidad de XXE en Configuration Wizard en SAP NetWeaver Java AS 7.1 hasta la versión 7.5 permite a atacantes remotos provocar una denegación de servicio, llevar a cabo ataques SMB Relay o acceder a archivos arbitrarios a través de una petición XML manipulada para _tc~monitoring~webservice~web/ServerNodesWSService, también conocida como SAP Security Note 2235994. SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from an XML external entity injection vulnerability. • https://www.exploit-db.com/exploits/39995 http://packetstormsecurity.com/files/137527/SAP-NetWeaver-AS-JAVA-7.5-XXE-Injection.html http://seclists.org/fulldisclosure/2016/Jun/41 https://erpscan.io/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review • CWE-611: Improper Restriction of XML External Entity Reference •