Vulnerability CVE-2014-0984


Published: 2014-04-17   Modified: 2014-04-18

Description:
The passwordCheck function in SAP Router 721 patch 117, 720 patch 411, 710 patch 029, and earlier terminates validation of a Route Permission Table entry password upon encountering the first incorrect character, which allows remote attackers to obtain passwords via a brute-force attack that relies on timing differences in responses to incorrect password guesses, aka a timing side-channel attack.

See advisories in our WLB2 database:
Topic
Author
Date
High
SAP Router Password Timing Attack
CORE
17.04.2014

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
SAP -> Router 

 References:
http://scn.sap.com/docs/DOC-8218
http://www.coresecurity.com/advisories/sap-router-password-timing-attack
http://www.exploit-db.com/exploits/32919
http://www.securityfocus.com/archive/1/531854/100/0/threaded
https://service.sap.com/sap/support/notes/1986895

Copyright 2024, cxsecurity.com

 

Back to Top