Directory traversal in SAP NetWeaver Application Server

Published: 2017-08-08 10:27:59
Severity High
Patch available NO
Number of vulnerabilities 1
CVE ID CVE-2017-12637
CVSSv3 8.6 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:H/RL:U/RC:C]
CWE ID CWE-22
Exploitation vector Network
Public exploit This vulnerability is being exploited in the wild.
Vulnerable software SAP NetWeaver
Vulnerable software versions SAP NetWeaver 7.50
Vendor URL SAP

Security Advisory

1) Path traversal

Description

The vulnerability allows a remote attacker to read arbitrary files on the vulnerable system.

The vulnerability exists due to improper input validation in the scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS component of SAP NetWeaver Application Server Java 7.50. A remote, unauthenticated attacker can use directory traversal sequences (e.g. "../") to read the contents of arbitrary files on the vulnerable system.

Successful exploitation of this vulnerability may allow an attacker to gain access to potentially sensitive information.

Note: there are reports that this vulnerability is being actively exploited in the wild as of August 2017.
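Since the advisory reports in-the-wild exploitation, a practitioner's first need is to find attempts in web server logs. The following is an added example, not part of this advisory and not SAP's code: a Python scanner that flags requests to the vulnerable component (the path named above) whose path or query string carries a directory traversal sequence after percent-decoding. The access-log format (Common Log Format), the IP addresses, timestamps and request targets are constructed for illustration; the detector decodes repeatedly so that single- and double-encoded "../" are caught, and checks both the path and the query string because the advisory only states that traversal sequences are used, not where in the request they are placed.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Path of the vulnerable component named in the advisory (CVE-2017-12637).
VULN_PATH = "/scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS"

# Constructed sample access-log lines in Common Log Format (not real traffic).
# Lines 1, 2, 5 and 6 carry traversal sequences (plain, single- and double-encoded,
# in the query string and in the path); lines 3 and 4 are benign.
SAMPLE_LOG = """\
203.0.113.5 - - [08/Aug/2017:10:27:59 +0000] "GET /scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/../../../../../../../../etc/passwd HTTP/1.1" 200 2048
203.0.113.5 - - [08/Aug/2017:10:28:03 +0000] "GET /scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/shadow HTTP/1.1" 403 512
198.51.100.7 - - [08/Aug/2017:10:30:11 +0000] "GET /scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS HTTP/1.1" 200 14032
192.0.2.9 - - [08/Aug/2017:10:31:40 +0000] "GET /irj/portal HTTP/1.1" 200 9001
203.0.113.5 - - [08/Aug/2017:10:32:02 +0000] "GET /scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/%252e%252e/%252e%252e/etc/hosts HTTP/1.1" 200 300
203.0.113.5 - - [08/Aug/2017:10:33:17 +0000] "GET /scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS/../../../../etc/passwd HTTP/1.1" 200 2048
"""

# Common Log Format: client, ident, user, [timestamp], "METHOD target PROTO", status, size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)$'
)


def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double encoding (%252e -> %2e -> .) is resolved.

    max_rounds bounds the work; real traffic rarely needs more than two rounds.
    """
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def has_traversal(target):
    """True if the decoded path or query string contains a '..' path segment."""
    decoded = decode_fully(target).replace("\\", "/")
    path, _, query = decoded.partition("?")
    # Split on '/' so that '..' is matched as a whole segment; this also catches
    # sequences that were only visible after decoding.
    return any(".." in part.split("/") for part in (path, query))


def scan_log(text):
    """Return one dict per request that targets VULN_PATH and carries traversal."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a CLF line; skip rather than guess
        target = m.group("target")
        decoded_path = decode_fully(target).partition("?")[0]
        # Case-insensitive prefix match is a conservative detection choice.
        if not decoded_path.lower().startswith(VULN_PATH.lower()):
            continue
        if has_traversal(target):
            hits.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "target": target,
                "status": int(m.group("status")),
            })
    return hits


def by_source(hits):
    """Count flagged requests per client address, for blocking or escalation."""
    return Counter(h["ip"] for h in hits)


if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for h in found:
        # A 200 on a traversal request means the file was most likely served.
        print(f"{h['ts']} {h['ip']} status={h['status']} {h['target']}")
    print("per source:", dict(by_source(found)))
```

Treat a flagged request with a 200 response as a likely successful read and check the response size against the normal size of the component; a 403 or 404 still records an attempt worth correlating with the same source address elsewhere in the logs.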

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://nvd.nist.gov/vuln/detail/CVE-2017-12637
http://www.sh0w.top/index.php/archives/7/
