Vulnerability CVE-2010-2347


Published: 2010-06-21   Modified: 2012-02-13

Description:
The Telnet interface in the SAP J2EE Engine Core (SAP-JEECOR) 6.40 through 7.02, and Server Core (SERVERCORE) 7.10 through 7.30 allows remote authenticated users to bypass a security check and conduct SMB relay attacks via unspecified vectors.

See advisories in our WLB2 database:
Topic
Author
Date
Low
SAP J2EE Telnet Administration Security Check Bypass
Onapsis Research...
23.06.2010

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

Vendor: SAP
Product: Server core 
Version:
7.30
7.20
7.11
7.10
Product: J2ee engine core 
Version:
7.02
7.01
7.00
6.40

CVSS2 => (AV:N/AC:M/Au:S/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.9/10
4.9/10
6.8/10
Exploit range
Attack complexity
Authentication
Remote
Medium
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None

 References:
http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0371.html
http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2010-005
http://www.securityfocus.com/archive/1/511855/100/0/threaded
http://www.securityfocus.com/bid/40916
http://www.securitytracker.com/id?1024114
https://exchange.xforce.ibmcloud.com/vulnerabilities/59502
https://service.sap.com/sap/support/notes/1425847

Related CVE
CVE-2019-0267
SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 and 15.2, (Illuminator Servlet) currently does not provide Anti-XSRF tokens. This might lead to XSRF attacks in case the data is being posted to the Servlet from an external applicat...
CVE-2019-0266
Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS advanced) writes credentials of platform users to a trace file of the SAP HANA system. Even though this trace file is protected from unauthorized access,...
CVE-2019-0262
SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting (XSS) vulnerability.
CVE-2019-0259
SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) without proper file format validation.
CVE-2019-0258
SAP Disclosure Management, version 10.01, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
CVE-2019-0257
Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, res...
CVE-2019-0256
Under certain conditions SAP Business One Mobile Android App, version 1.2.12, allows an attacker to access information which would otherwise be restricted.
CVE-2019-0251
The Fiori Launchpad of SAP BusinessObjects, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

Copyright 2019, cxsecurity.com

 

Back to Top